stephan.k

Reputation: 11

Getting all possible LDAP Attributes of special object classes in AD using C#

I have a question regarding this topic

Is it possible to get the first point of JPBlanc's answer:

  1. Get all possible user attributes as described in the schema using System.DirectoryServices?

Upvotes: 0

Views: 7353

Answers (2)

stephan.k

Reputation: 11

Here is the solution I needed:

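// Requires: using System.Collections; using System.Collections.Generic;
//           using System.DirectoryServices.ActiveDirectory;
List<string> userPropertyList = new List<string>();
// Read the schema of the current forest and look up the "user" class
ActiveDirectorySchema currSchema = ActiveDirectorySchema.GetCurrentSchema();
ActiveDirectorySchemaClass collection = currSchema.FindClass("user");
ReadOnlyActiveDirectorySchemaPropertyCollection properties = collection.GetAllProperties();
IEnumerator enumerator = properties.GetEnumerator();
while (enumerator.MoveNext())
{
    // ToString() on a schema property yields its name
    userPropertyList.Add(enumerator.Current.ToString());
}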

To get all possible properties of a group, just change "user" to "group". This LDAP query includes all properties for the subclasses, too. E.g. asking for all properties of class "user" will include the properties for "top", "person" and "organizationalPerson".

Thanks to abhitalks for the hint to the solution.

Upvotes: 1

Abhitalks

Reputation: 28437

This snippet is from one of my old projects where I needed to do nearly the same thing. This code snippet is part of a larger test ASP.Net app, hence the Response.Write calls you can see.

I am sorry, I have it in VB.Net, but I am sure you will be able to get it going in C#.

Sub GetAllUserInfo(ByVal userName As String)
    Dim strGroup As String
    Dim adRoot As New DirectoryServices.DirectoryEntry("LDAP://domain.local/DC=domain,DC=local")
    Dim adSearch As New DirectoryServices.DirectorySearcher(adRoot)
    Dim adResult As DirectoryServices.SearchResult
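    ' userName goes into the filter as-is: escape LDAP filter metacharacters before passing untrusted input
    adSearch.Filter = "(sAMAccountName=" + userName + ")"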
    adSearch.PropertiesToLoad.Add("cn")
    adResult = adSearch.FindOne()
    Response.Write("<table>")
    For Each x As DirectoryServices.PropertyValueCollection In adResult.GetDirectoryEntry.Properties
        Response.Write("<tr><td>")
        Response.Write(x.PropertyName)
        Response.Write("</td><td>")
        Response.Write(x.Value.ToString)
        Response.Write("</td></tr>")
        If x.PropertyName = "memberOf" Then
            ' Iterate the collection itself so that a single group is still handled as one value
            For Each s As String In x
                Response.Write("<tr><td>")
                Response.Write("Groups: ")
                Response.Write("</td><td>")
                strGroup = Mid(s, InStr(s, "CN=") + 3, (InStr(InStr(s, "CN=") + 3, s, ",") - (InStr(s, "CN=") + 3)))
                Response.Write(strGroup)
                Response.Write("</td></tr>")
            Next
        End If
    Next
    Response.Write("</table>")
End Sub

Ok. Here you go in C#, used an online converter.

// Requires: using System.DirectoryServices;
//           using Microsoft.VisualBasic;  (Strings.Mid / Strings.InStr from the VB conversion)
public void GetAllUserInfo(string userName)
{
    string strGroup = null;
    DirectoryEntry adRoot = new DirectoryEntry("LDAP://domain.local/DC=domain,DC=local");
    DirectorySearcher adSearch = new DirectorySearcher(adRoot);
    SearchResult adResult = default(SearchResult);
    // userName goes into the filter as-is: escape LDAP filter metacharacters before passing untrusted input
    adSearch.Filter = "(sAMAccountName=" + userName + ")";
    adSearch.PropertiesToLoad.Add("cn");
    adResult = adSearch.FindOne();
    Response.Write("<table>");
    foreach (PropertyValueCollection x in adResult.GetDirectoryEntry().Properties) {
        Response.Write("<tr><td>");
        Response.Write(x.PropertyName);
        Response.Write("</td><td>");
        Response.Write(x.Value.ToString());
        Response.Write("</td></tr>");
        if (x.PropertyName == "memberOf") {
            // Iterate the collection itself so that a single group is still handled as one value
            foreach (string s in x) {
                Response.Write("<tr><td>");
                Response.Write("Groups: ");
                Response.Write("</td><td>");
                // Extract the text between the first "CN=" and the following comma
                strGroup = Strings.Mid(s, Strings.InStr(s, "CN=") + 3, (Strings.InStr(Strings.InStr(s, "CN=") + 3, s, ",") - (Strings.InStr(s, "CN=") + 3)));
                Response.Write(strGroup);
                Response.Write("</td></tr>");
            }
        }
    }
    Response.Write("</table>");
}

Update:

The above code retrieves only those properties that have a value set. If you need to enumerate all properties in the LDAP schema, you will need to look at the ActiveDirectorySchema and ActiveDirectorySchemaClass classes in the DirectoryServices.ActiveDirectory namespace.

Getting the schema:

ActiveDirectorySchema currentSchema = ActiveDirectorySchema.GetCurrentSchema();

Once you have the schema, you can see the classes:

ActiveDirectorySchemaClass objClass = currentSchema.FindClass("ldapDisplayName");

where ldapDisplayName is the AD object name, like "person", "computer", etc.

Now, you can enumerate the properties. Make sure you enumerate both MandatoryProperties and OptionalProperties properties of the class:

objClass.MandatoryProperties 
objClass.OptionalProperties

More info here: http://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.activedirectoryschemaclass.aspx

Hope that helps.

Upvotes: 0
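
The two answers combined, as an added example that is not code from either poster: it lists every attribute the schema allows on "user" next to whether one account has it set, and escapes the account name per RFC 4515 before it goes into the search filter. The class and method names, the account name "jdoe" and the sample input are assumptions; the LDAP path is the placeholder used in the answer above.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.DirectoryServices.ActiveDirectory;
using System.Text;

static class UserAttributeReport   // hypothetical name
{
    // RFC 4515: \ * ( ) and NUL must be hex-escaped inside a filter value.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
        {
            if (c == '\\' || c == '*' || c == '(' || c == ')' || c == '\0')
                sb.Append('\\').Append(((int)c).ToString("x2"));
            else
                sb.Append(c);
        }
        return sb.ToString();
    }

    // Maps each attribute the schema allows on "user" to whether this account has a value for it.
    public static SortedDictionary<string, bool> SchemaVersusSet(string userName)
    {
        var report = new SortedDictionary<string, bool>(StringComparer.OrdinalIgnoreCase);
        ActiveDirectorySchemaClass userClass =
            ActiveDirectorySchema.GetCurrentSchema().FindClass("user");
        // Placeholder path from the answer above; replace with your own domain.
        using (var root = new DirectoryEntry("LDAP://domain.local/DC=domain,DC=local"))
        using (var search = new DirectorySearcher(root))
        {
            search.Filter = "(sAMAccountName=" + EscapeFilterValue(userName) + ")";
            SearchResult hit = search.FindOne();
            if (hit == null) return report;   // no such account: empty report
            using (DirectoryEntry entry = hit.GetDirectoryEntry())
                foreach (ActiveDirectorySchemaProperty p in userClass.GetAllProperties())
                    report[p.Name] = entry.Properties.Contains(p.Name);
        }
        return report;
    }

    static void Main()
    {
        // Constructed input: filter metacharacters come out as inert hex escapes.
        Console.WriteLine(EscapeFilterValue("j*doe)(x"));
        foreach (var kv in SchemaVersusSet("jdoe"))   // "jdoe" is a made-up account name
            Console.WriteLine("{0,-40} {1}", kv.Key, kv.Value ? "set" : "not set");
    }
}
```

The directory lookup needs a domain-joined machine and a reference to System.DirectoryServices; if the result is rendered into a page with Response.Write, HTML-encode the names and values first.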
