How do I find the data type of an AD attribute not having a value

Question

I am struggling to find the data type of AD attributes that are not having a value already. Thus far a resulting DirecoryEntry only contains a property for attributes that already have a value. I can't find a method to obtain information about all other attributes.

Adding a value to the 'PropertiesToLoad' doesn't seem to do anything. The returned DirectoryEntry object contains all attributes (with values) regardless of what is added here.

Code used:

public void Test(string ldapPath)
{
   Type orgType;
   try
   {
     using (DirectoryEntry searchRoot = GetSearchRoot(ldapPath))
     {
        using (DirectorySearcher search = new DirectorySearcher(searchRoot))
        {
            search.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=coen))";

            search.PropertiesToLoad.Add("msExchHomeServerName");

            SearchResult searchResult = search.FindOne();
            {
                using (DirectoryEntry entry = searchResult.GetDirectoryEntry())
                {
                    if (entry != null)
                    {
                        if (entry.Properties.Contains("msExchHomeServerName"))
                        {
                            orgType = entry.Properties["msExchHomeServerName"].GetType();
                        }
                        else // The value is empty and NOT present in the current 'entry.Properties' object.
                        {
                            throw new Exception("Unknown type");
                        }
                    }
                }
            }
        }
    }
   }
   catch (Exception e)
   {
     <handle exception>
   }
}

Is there a way to find the data type of the 'msExchHomeServerName' (or any of the 'empty' attributes) attribute?

Any help would be highly appreciated!

Coen

Answer 1

Thanks to Damien_The_Unbeliever who pointed me in the right direction, I managed to create the following method:

public Dictionary<string, ActiveDirectorySyntax> GetAttributeSyntaxes(List<string> lstAttributeNames)
{
    Dictionary<string, ActiveDirectorySyntax> dictRes = new Dictionary<string, ActiveDirectorySyntax>();

    if (lstAttributeNames.Count > 0)
    {
        DirectoryContext directoryContext = new DirectoryContext(DirectoryContextType.DirectoryServer,
                                                             m_Server, m_UserName, m_Password);

        using (ActiveDirectorySchema currentSchema = ActiveDirectorySchema.GetSchema(directoryContext))
        {
            using (ActiveDirectorySchemaClass objClass = currentSchema.FindClass("user"))
            {
                if (objClass != null)
                {
                    ReadOnlyActiveDirectorySchemaPropertyCollection propcol = objClass.GetAllProperties();

                    foreach (ActiveDirectorySchemaProperty schemaProperty in propcol)
                    {
                        foreach (string attrName in lstAttributeNames)
                        {
                            if (schemaProperty.Name.Equals(attrName))
                            {                                    
                                dictRes.Add(attrName, schemaProperty.Syntax);

                                break;
                            }
                        }
                    }
                }
            }
        }
    }

    return dictRes;
}

The returned 'schemaProperty.Syntax' contains sufficient information to determine the actual data type.

Thanks Damien!

Answer 2

Active Directory has a schema. Obvious to say, not obvious to think about since, by default, you cannot explore it.

However, you can Register the Active Directory Schema MMC Snap-In¹ and then, in a fresh instance of MMC, add that Snap-In.

This then allows you to explore the Classes and Attributes that make up your current AD schema (and add new classes/attributes if you know what you're doing and choose to do so).

msExchHomeServerName can then be discovered to be a "Unicode String", which means a plain string from C# should be acceptable. Note also that some types (particularly numeric ones) may also specify Minimums and Maximums which should be observed.

You can also explore the schema programatically via the ActiveDirectorySchema class, by e.g. calling ActiveDirectorySchema.GetCurrentSchema(); and then explore from there.

---

¹I cannot remember if you need to have installed the general Domain Admin tools (such as Users and Computers) in order for that DLL to exist on your system.