psobhan
Reputation: 635
How to get all the user's details from Active Directory using LDAP
I need to get all the user's details from Active directory using LDAP. The following code does gives Samaccountname as 'Administrator' but not each user's details and no mail ID is found in the list. Kindly Help.
string dominName = ConfigurationManager.AppSettings["DominName"].ToString();
string ldapPath = ConfigurationManager.AppSettings["ldapPath"].ToString();
if (!String.IsNullOrEmpty(dominName) && !String.IsNullOrEmpty(ldapPath))
{
DirectoryEntry entry = new DirectoryEntry(ldapPath, txtUsername.Text.ToString().Trim(), txtPassword.Text.ToString().Trim());
try
{
Object obj = entry.NativeObject;
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(&(objectClass=user)(objectCategory=person))";
search.PropertiesToLoad.Add("samaccountname");
search.PropertiesToLoad.Add("mail");
search.PropertiesToLoad.Add("usergroup");
search.PropertiesToLoad.Add("displayname");//first name
foreach (System.DirectoryServices.SearchResult resEnt in search.FindAll())
{
System.DirectoryServices.DirectoryEntry de = resEnt.GetDirectoryEntry();
if (de.Properties["sAMAccountName"].Value != null && de.Properties["userAccountControl"].Value!=null)
{
StringBuilder sb = new StringBuilder();
sb.AppendLine("Name = " + de.Properties["sAMAccountName"].Value.ToString());
sb.AppendLine("Email = " + de.Properties["Mail"].Value.ToString());
}
}
Found Solution:
Here is my code:
var userAccountControlValue = 0;
int.TryParse(de.Properties["UserAccountControl"].Value.ToString(), out userAccountControlValue);
var isAccountDisabled = Convert.ToBoolean(userAccountControlValue & 0x0002);
var isNormalAccount = Convert.ToBoolean(userAccountControlValue & 0x0200);
if (de.Properties["sAMAccountName"].Value != null && de.Properties["userAccountControl"].Value != null && de.Properties["userPrincipalName"].Value != null && !isAccountDisabled && isNormalAccount)
{
//Add Employee details from AD
PaySlipPortal.Objects.Employee employee = new Employee();
employee.FirstName = de.Properties["givenName"].Value!=null?(string)de.Properties["givenName"].Value:"";
employee.Email = de.Properties["userPrincipalName"].Value != null ? (string)de.Properties["userPrincipalName"].Value : "";
employee.LastName = de.Properties["sn"].Value != null ?
(string)de.Properties["sn"].Value : "";
int deleteID= empBL.DeleteEmployee(employee.Email.Trim());
int empID = empBL.AddEmployee(employee);
}
Upvotes: 4
Views: 61004
Answers (3)
xyz patel
Reputation: 21
Last month the project manager asked me write to find all users information from the Active directory and which all fields are missing information for particular user. I was trying to search in Internet for information about .NET Active Directory examples, I could not able to find much information on the net, it prompted me write an article on this topic.
In this article, I will explain how to use Active Directory class and retrieve data from the component classes. You can cut and past below code lines and execute it but you need to pass domain name in Directory Entry constructor. Following example taken from one of my developed projects and modified for easy to understand.
I assumed that you have a general understanding of active directory before using this example. Step 1:
Add System.DirectoryServices.Dll (from Project Add reference)
System.DirectoryServices provides easy access to active directory from managed code. This namespace contains two components classes, DirectoryEntry and DirectorySearcher. Step 2:
Using System.DirectoryServices
Directory Entry Class: this class encapsulates a node or object in the active directory hierarchy. Use this class for binding to objects, reading properties and updating attributes. Step 3:
DirectoryEntry entry = new DirectoryEntry("LDAP://DomainName");
Directory Searcher: It will perform queries against the active directory hierarchy Step 4:
DirectorySearcher Dsearch = new DirectorySearcher(entry);
Step 5: Hide Copy Code
String Name="Richmond";
The Filter property supports for the all filter the information of the active directory.
Upvotes: 2
Badhon Ashfaq
Reputation: 851
recently i have worked on LDAP.I need to find all informations from AD.so, i have wrote some helper classes for finding them.Here are some example.
I have written 5 classes.see below
ActiveDirectoryHelper.cs
public class ActiveDirectoryHelper
{
private DirectoryEntry _directoryEntry = null;
private DirectoryEntry SearchRoot
{
get
{
if (_directoryEntry == null)
{
using (HostingEnvironment.Impersonate())
{
_directoryEntry = new DirectoryEntry(LDAPPath);//, LDAPUser, LDAPPassword, AuthenticationTypes.Secure);
}
}
return _directoryEntry;
}
}
private String LDAPPath
{
get
{
return ConfigurationManager.AppSettings["LDAPPath"];
}
}
//private String LDAPUser
//{
// get
// {
// return ConfigurationManager.AppSettings["LDAPUser"];
// }
//}
//private String LDAPPassword
//{
// get
// {
// return ConfigurationManager.AppSettings["LDAPPassword"];
// }
//}
private String LDAPDomain
{
get
{
return ConfigurationManager.AppSettings["LDAPDomain"];
}
}
internal ADUserDetail GetUserByFullName(String userName)
{
try
{
using (HostingEnvironment.Impersonate())
{
_directoryEntry = null;
DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);
directorySearch.Filter = "(&(objectClass=user)(cn=" + userName + "))";
SearchResult results = directorySearch.FindOne();
if (results != null)
{
DirectoryEntry user = new DirectoryEntry(results.Path);// LDAPUser, LDAPPassword);
return ADUserDetail.GetUser(user);
}
else
{
return null;
}
}
}
catch (Exception ex)
{
return null;
}
}
public ADUserDetail GetUserByLoginName(String userName)
{
try
{
using (HostingEnvironment.Impersonate())
{
// This code runs as the application pool user
_directoryEntry = null;
string nn = "LDAP://PRIME.local/DC=PRIME,DC=local";
DirectoryEntry SearchRoot2 = new DirectoryEntry(nn);
DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);
directorySearch.Filter = "(&(objectClass=user)(SAMAccountName=" + userName + "))";
SearchResult results = directorySearch.FindOne();
if (results != null)
{
DirectoryEntry user = new DirectoryEntry(results.Path);//, LDAPUser, LDAPPassword);
return ADUserDetail.GetUser(user);
}
return null;
}
}
catch (Exception ex)
{
return null;
}
}
public ADUserDetail GetUserDetailsByFullName(String FirstName, String MiddleName, String LastName)
{
//givenName
// initials
// sn
//(initials=" + MiddleName + ")(sn=" + LastName + ")
try
{
using (HostingEnvironment.Impersonate())
{
_directoryEntry = null;
DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);
//directorySearch.Filter = "(&(objectClass=user)(givenName=" + FirstName + ") ())";
if (FirstName != "" && MiddleName != "" && LastName != "")
{
directorySearch.Filter = "(&(objectClass=user)(givenName=" + FirstName + ")(initials=" + MiddleName + ")(sn=" + LastName + "))";
}
else if (FirstName != "" && MiddleName != "" && LastName == "")
{
directorySearch.Filter = "(&(objectClass=user)(givenName=" + FirstName + ")(initials=" + MiddleName + "))";
}
else if (FirstName != "" && MiddleName == "" && LastName == "")
{
directorySearch.Filter = "(&(objectClass=user)(givenName=" + FirstName + "))";
}
else if (FirstName != "" && MiddleName == "" && LastName != "")
{
directorySearch.Filter = "(&(objectClass=user)(givenName=" + FirstName + ")(sn=" + LastName + "))";
}
else if (FirstName == "" && MiddleName != "" && LastName != "")
{
directorySearch.Filter = "(&(objectClass=user)(initials=" + MiddleName + ")(sn=" + LastName + "))";
}
SearchResult results = directorySearch.FindOne();
if (results != null)
{
DirectoryEntry user = new DirectoryEntry(results.Path);//, LDAPUser, LDAPPassword);
return ADUserDetail.GetUser(user);
}
return null;
}
}
catch (Exception ex)
{
return null;
}
}
/// <summary>
/// This function will take a DL or Group name and return list of users
/// </summary>
/// <param name="groupName"></param>
/// <returns></returns>
public List<ADUserDetail> GetUserFromGroup(String groupName)
{
List<ADUserDetail> userlist = new List<ADUserDetail>();
try
{
using (HostingEnvironment.Impersonate())
{
_directoryEntry = null;
DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);
directorySearch.Filter = "(&(objectClass=group)(SAMAccountName=" + groupName + "))";
SearchResult results = directorySearch.FindOne();
if (results != null)
{
DirectoryEntry deGroup = new DirectoryEntry(results.Path);//, LDAPUser, LDAPPassword);
System.DirectoryServices.PropertyCollection pColl = deGroup.Properties;
int count = pColl["member"].Count;
for (int i = 0; i < count; i++)
{
string respath = results.Path;
string[] pathnavigate = respath.Split("CN".ToCharArray());
respath = pathnavigate[0];
string objpath = pColl["member"][i].ToString();
string path = respath + objpath;
DirectoryEntry user = new DirectoryEntry(path);//, LDAPUser, LDAPPassword);
ADUserDetail userobj = ADUserDetail.GetUser(user);
userlist.Add(userobj);
user.Close();
}
}
return userlist;
}
}
catch (Exception ex)
{
return userlist;
}
}
#region Get user with First Name
public List<ADUserDetail> GetUsersByFirstName(string fName)
{
using (HostingEnvironment.Impersonate())
{
//UserProfile user;
List<ADUserDetail> userlist = new List<ADUserDetail>();
string filter = "";
_directoryEntry = null;
DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);
directorySearch.Asynchronous = true;
directorySearch.CacheResults = true;
filter = string.Format("(givenName={0}*", fName);
// filter = "(&(objectClass=user)(objectCategory=person)(givenName="+fName+ "*))";
directorySearch.Filter = filter;
SearchResultCollection userCollection = directorySearch.FindAll();
foreach (SearchResult users in userCollection)
{
DirectoryEntry userEntry = new DirectoryEntry(users.Path);//, LDAPUser, LDAPPassword);
ADUserDetail userInfo = ADUserDetail.GetUser(userEntry);
userlist.Add(userInfo);
}
directorySearch.Filter = "(&(objectClass=group)(SAMAccountName=" + fName + "*))";
SearchResultCollection results = directorySearch.FindAll();
if (results != null)
{
foreach (SearchResult r in results)
{
DirectoryEntry deGroup = new DirectoryEntry(r.Path);//, LDAPUser, LDAPPassword);
ADUserDetail agroup = ADUserDetail.GetUser(deGroup);
userlist.Add(agroup);
}
}
return userlist;
}
}
#endregion
#region AddUserToGroup
public bool AddUserToGroup(string userlogin, string groupName)
{
try
{
using (HostingEnvironment.Impersonate())
{
_directoryEntry = null;
ADManager admanager = new ADManager(LDAPDomain);//, LDAPUser, LDAPPassword);
admanager.AddUserToGroup(userlogin, groupName);
return true;
}
}
catch (Exception ex)
{
return false;
}
}
#endregion
#region RemoveUserToGroup
public bool RemoveUserToGroup(string userlogin, string groupName)
{
try
{
using (HostingEnvironment.Impersonate())
{
_directoryEntry = null;
ADManager admanager = new ADManager("xxx");// LDAPUser, LDAPPassword);
admanager.RemoveUserFromGroup(userlogin, groupName);
return true;
}
}
catch (Exception ex)
{
return false;
}
}
#endregion
}
AccountManagementExtensions.cs
public static class AccountManagementExtensions
{
public static String GetProperty(this Principal principal, String property)
{
DirectoryEntry directoryEntry = principal.GetUnderlyingObject() as DirectoryEntry;
if (directoryEntry.Properties.Contains(property))
return directoryEntry.Properties[property].Value.ToString();
else
return String.Empty;
}
public static String GetCompany(this Principal principal)
{
return principal.GetProperty("company");
}
public static String GetDepartment(this Principal principal)
{
return principal.GetProperty("department");
}
}
ADManager.cs
public class ADManager
{
PrincipalContext context;
public ADManager()
{
context = new PrincipalContext(ContextType.Machine, "xxx", "xxx", "xxx");
}
public ADManager(string domain, string container)
{
context = new PrincipalContext(ContextType.Domain, domain, container);
}
public ADManager(string domain)//, string username, string password)
{
context = new PrincipalContext(ContextType.Domain);//, username, password);
}
public bool AddUserToGroup(string userName, string groupName)
{
bool done = false;
GroupPrincipal group = GroupPrincipal.FindByIdentity(context, groupName);
if (group == null)
{
group = new GroupPrincipal(context, groupName);
}
UserPrincipal user = UserPrincipal.FindByIdentity(context, userName);
if (user != null & group != null)
{
group.Members.Add(user);
group.Save();
done = (user.IsMemberOf(group));
}
return done;
}
public bool RemoveUserFromGroup(string userName, string groupName)
{
bool done = false;
UserPrincipal user = UserPrincipal.FindByIdentity(context, userName);
GroupPrincipal group = GroupPrincipal.FindByIdentity(context, groupName);
if (user != null & group != null)
{
group.Members.Remove(user);
group.Save();
done = !(user.IsMemberOf(group));
}
return done;
}
}
ADProperties.cs
public static class ADProperties
{
public const String OBJECTCLASS = "objectClass";
public const String CONTAINERNAME = "cn";
public const String LASTNAME = "sn";
public const String COUNTRYNOTATION = "c";
public const String CITY = "l";
public const String STATE = "st";
public const String TITLE = "title";
public const String POSTALCODE = "postalCode";
public const String PHYSICALDELIVERYOFFICENAME = "physicalDeliveryOfficeName";
public const String FIRSTNAME = "givenName";
public const String MIDDLENAME = "initials";
public const String DISTINGUISHEDNAME = "distinguishedName";
public const String INSTANCETYPE = "instanceType";
public const String WHENCREATED = "whenCreated";
public const String WHENCHANGED = "whenChanged";
public const String DISPLAYNAME = "displayName";
public const String USNCREATED = "uSNCreated";
public const String MEMBEROF = "memberOf";
public const String USNCHANGED = "uSNChanged";
public const String COUNTRY = "co";
public const String DEPARTMENT = "department";
public const String COMPANY = "company";
public const String PROXYADDRESSES = "proxyAddresses";
public const String STREETADDRESS = "streetAddress";
public const String DIRECTREPORTS = "directReports";
public const String NAME = "name";
public const String OBJECTGUID = "objectGUID";
public const String USERACCOUNTCONTROL = "userAccountControl";
public const String BADPWDCOUNT = "badPwdCount";
public const String CODEPAGE = "codePage";
public const String COUNTRYCODE = "countryCode";
public const String BADPASSWORDTIME = "badPasswordTime";
public const String LASTLOGOFF = "lastLogoff";
public const String LASTLOGON = "lastLogon";
public const String PWDLASTSET = "pwdLastSet";
public const String PRIMARYGROUPID = "primaryGroupID";
public const String OBJECTSID = "objectSid";
public const String ADMINCOUNT = "adminCount";
public const String ACCOUNTEXPIRES = "accountExpires";
public const String LOGONCOUNT = "logonCount";
public const String LOGINNAME = "sAMAccountName";
public const String SAMACCOUNTTYPE = "sAMAccountType";
public const String SHOWINADDRESSBOOK = "showInAddressBook";
public const String LEGACYEXCHANGEDN = "legacyExchangeDN";
public const String USERPRINCIPALNAME = "userPrincipalName";
public const String EXTENSION = "ipPhone";
public const String SERVICEPRINCIPALNAME = "servicePrincipalName";
public const String OBJECTCATEGORY = "objectCategory";
public const String DSCOREPROPAGATIONDATA = "dSCorePropagationData";
public const String LASTLOGONTIMESTAMP = "lastLogonTimestamp";
public const String EMAILADDRESS = "mail";
public const String MANAGER = "manager";
public const String MOBILE = "mobile";
public const String PAGER = "pager";
public const String FAX = "facsimileTelephoneNumber";
public const String HOMEPHONE = "homePhone";
public const String MSEXCHUSERACCOUNTCONTROL = "msExchUserAccountControl";
public const String MDBUSEDEFAULTS = "mDBUseDefaults";
public const String MSEXCHMAILBOXSECURITYDESCRIPTOR = "msExchMailboxSecurityDescriptor";
public const String HOMEMDB = "homeMDB";
public const String MSEXCHPOLICIESINCLUDED = "msExchPoliciesIncluded";
public const String HOMEMTA = "homeMTA";
public const String MSEXCHRECIPIENTTYPEDETAILS = "msExchRecipientTypeDetails";
public const String MAILNICKNAME = "mailNickname";
public const String MSEXCHHOMESERVERNAME = "msExchHomeServerName";
public const String MSEXCHVERSION = "msExchVersion";
public const String MSEXCHRECIPIENTDISPLAYTYPE = "msExchRecipientDisplayType";
public const String MSEXCHMAILBOXGUID = "msExchMailboxGuid";
public const String NTSECURITYDESCRIPTOR = "nTSecurityDescriptor";
}
ADUserDetail.cs
public class ADUserDetail
{
private String _firstName;
private String _middleName;
private String _lastName;
private String _loginName;
private String _loginNameWithDomain;
private String _streetAddress;
private String _city;
private String _state;
private String _postalCode;
private String _country;
private String _homePhone;
private String _extension;
private String _mobile;
private String _fax;
private String _emailAddress;
private String _title;
private String _company;
private String _manager;
private String _managerName;
private String _department;
public String Department
{
get { return _department; }
}
public String FirstName
{
get { return _firstName; }
}
public String MiddleName
{
get { return _middleName; }
}
public String LastName
{
get { return _lastName; }
}
public String LoginName
{
get { return _loginName; }
}
public String LoginNameWithDomain
{
get { return _loginNameWithDomain; }
}
public String StreetAddress
{
get { return _streetAddress; }
}
public String City
{
get { return _city; }
}
public String State
{
get { return _state; }
}
public String PostalCode
{
get { return _postalCode; }
}
public String Country
{
get { return _country; }
}
public String HomePhone
{
get { return _homePhone; }
}
public String Extension
{
get { return _extension; }
}
public String Mobile
{
get { return _mobile; }
}
public String Fax
{
get { return _fax; }
}
public String EmailAddress
{
get { return _emailAddress; }
}
public String Title
{
get { return _title; }
}
public String Company
{
get { return _company; }
}
public ADUserDetail Manager
{
get
{
if (!String.IsNullOrEmpty(_managerName))
{
ActiveDirectoryHelper ad = new ActiveDirectoryHelper();
return ad.GetUserByFullName(_managerName);
}
return null;
}
}
public String ManagerName
{
get { return _managerName; }
}
private ADUserDetail(DirectoryEntry directoryUser)
{
String domainAddress;
String domainName;
_firstName = GetProperty(directoryUser, ADProperties.FIRSTNAME);
_middleName = GetProperty(directoryUser, ADProperties.MIDDLENAME);
_lastName = GetProperty(directoryUser, ADProperties.LASTNAME);
_loginName = GetProperty(directoryUser, ADProperties.LOGINNAME);
String userPrincipalName = GetProperty(directoryUser, ADProperties.USERPRINCIPALNAME);
if (!string.IsNullOrEmpty(userPrincipalName))
{
domainAddress = userPrincipalName.Split('@')[1];
}
else
{
domainAddress = String.Empty;
}
if (!string.IsNullOrEmpty(domainAddress))
{
domainName = domainAddress.Split('.').First();
}
else
{
domainName = String.Empty;
}
_loginNameWithDomain = String.Format(@"{0}\{1}", domainName, _loginName);
_streetAddress = GetProperty(directoryUser, ADProperties.STREETADDRESS);
_city = GetProperty(directoryUser, ADProperties.CITY);
_state = GetProperty(directoryUser, ADProperties.STATE);
_postalCode = GetProperty(directoryUser, ADProperties.POSTALCODE);
_country = GetProperty(directoryUser, ADProperties.COUNTRY);
_company = GetProperty(directoryUser, ADProperties.COMPANY);
_department = GetProperty(directoryUser, ADProperties.DEPARTMENT);
_homePhone = GetProperty(directoryUser, ADProperties.HOMEPHONE);
_extension = GetProperty(directoryUser, ADProperties.EXTENSION);
_mobile = GetProperty(directoryUser, ADProperties.MOBILE);
_fax = GetProperty(directoryUser, ADProperties.FAX);
_emailAddress = GetProperty(directoryUser, ADProperties.EMAILADDRESS);
_title = GetProperty(directoryUser, ADProperties.TITLE);
_manager = GetProperty(directoryUser, ADProperties.MANAGER);
if (!String.IsNullOrEmpty(_manager))
{
String[] managerArray = _manager.Split(',');
_managerName = managerArray[0].Replace("CN=", "");
}
}
private static String GetProperty(DirectoryEntry userDetail, String propertyName)
{
if (userDetail.Properties.Contains(propertyName))
{
return userDetail.Properties[propertyName][0].ToString();
}
else
{
return string.Empty;
}
}
public static ADUserDetail GetUser(DirectoryEntry directoryUser)
{
return new ADUserDetail(directoryUser);
}
}
And you just need to add your LDAP address at AppSettings section web.config file.If you need, u can add user name or password.otherwise,just add the LDAP address.
<appSettings>
<add key="LDAPPassword" value="" />
<add key="LDAPPath" value="" />
<add key="LDAPUser" value="" />
<add key="LDAPDomain" value="" />
</appSettings>
Include these classes on your project.Now you can get all informations from Active Directory.There are some method on "ActiveDirectoryHelper.cs". You can use them for retriving informations.
Upvotes: 25
st4hoo
Reputation: 2204
Try to look under "mail" property(not "Mail").
sb.AppendLine("Email = " + de.Properties["mail"].Value.ToString());
Here is AD user attributes reference(in case you would like to get something else): http://www.kouti.com/tables/userattributes.htm
Upvotes: 6
Related Questions
- fetch active directory user data using C#
- Need all users detail (Name, Email, Designation, Department) in the current organisation using C#
- Get Active Directory Information with ASP.NET without username and password
- Method to get user details from LDAP/AD
- getting an active directory user in C#
- How to get the current user's Active Directory details in C#
- How to retrieve all users of Active Directory?
- Get a full list of users from LDAP
- ASP.NET Get data from AD about user
- Active Directory: Retrieve User information