Reputation: 1790
c# against Active Directory over LDAP
I'm coding some c# against Active Directory and have tried endlessly to get this to work to no avail. The following code works and the code that follows it does not:
The code below is using "WinNT://" + Environment.MachineName + ",Computer" to make the connection and works fine.
DirectoryEntry localMachine = new DirectoryEntry
("WinNT://" + Environment.MachineName + ",Computer");
DirectoryEntry admGroup = localMachine.Children.Find
("Administrators", "group");
object members = admGroup.Invoke("members", null);
foreach (object groupMember in (IEnumerable)members)
{
DirectoryEntry member = new DirectoryEntry(groupMember);
output.RenderBeginTag("p");
output.Write(member.Name.ToString());
output.RenderBeginTag("p");
}
base.Render(output);
I'm now trying to change the line:
"WinNT://" + Environment.MachineName + ",Computer"
to
"LDAP://MyDomainControllerName"
but it seems no matter what value I try in place of the value 'MyDomainControllerName' it wont work.
To get the 'MyDomainControllerName' value I right clicked on MyComputer and copied the computer name value as suggested elsewhere but this didn't work.
When I try using the LDAP://RootDSE option above it results in the following error:
The Active Directory object located at the path LDAP://RootDSE is not a container
Is this a problem with the member methods as you mention?
Upvotes: 3
Views: 21692
Answers (5)
Reputation: 754220
Yes- RootDSE is not a container - but it holds a number of interesting properties which you can query for - e.g. the name of your domain controller(s).
You can check these out by using code like this:
DirectoryEntry deRoot = new DirectoryEntry("LDAP://RootDSE");
if (deRoot != null)
{
Console.WriteLine("Default naming context: " + deRoot.Properties["defaultNamingContext"].Value);
Console.WriteLine("Server name: " + deRoot.Properties["serverName"].Value);
Console.WriteLine("DNS host name: " + deRoot.Properties["dnsHostName"].Value);
Console.WriteLine();
Console.WriteLine("Additional properties:");
foreach (string propName in deRoot.Properties.PropertyNames)
Console.Write(propName + ", ");
Console.WriteLine();
}
Or save yourself the trouble and go grab my "Beavertail ADSI Browser" in C# source code - shows in detail how to connect to RootDSE and what it offers.
Upvotes: 7
Reputation: 8005
It looks like you need to get the LDAP connection information. You can call LDAP://RootDSE to get the information as shown in the ASP.NET Wiki.
Please keep in mind that the LDAP objects do not have the same member methods and properties as the WINNT objects, so do not expect the group.Invoke("members") and other functions to work exactly the same. You should read up on the DirectoryServices documentation with LDAP as well.
Upvotes: 0
Reputation: 741
When connecting to AD using the .NET Framework, you can use "serverless" binding or you can specify a server to use everytime (server bound).
Here's an example of using both:
// serverless
DirectoryEntry rootConfig = new DirectoryEntry("LDAP://dc=domainname,dc=com");
// server bound
DirectoryEntry rootEntry = new DirectoryEntry("LDAP://domainControllerName/dc=domainName,dc=com");
I think where you were going astray is you forgot to include the FQDN for your domain on the end. Hope this helps.
Upvotes: 6
Reputation:
have you tried speciying the port number and other parms?
Our ldap string looks like: LDAP://myserver:1003/[email protected]|1,ou=Members,o=mdhfw2
Upvotes: 0
Reputation: 18215
You need to pass it an authorized Username and password.
try setting: DirectoryEntry.Username and DirectoryEntry.Password
Upvotes: 0
Related Questions
- How to connect to Active Directory via LDAPS in C#?
- Connect to Active Directory via LDAP
- Login authentication via LDAP
- C# authenticate user under LDAP Domain
- LDAP connection with C# desktop application
- Using C# to authenticate user against LDAP
- Forms Authentication against Active Directory - LDAP Protocol
- Connect to LDAP server using C#
- How to authenticate in LDAP?
- Active Directory Authentication With C#