Reputation: 76
I have a requirement to get the AD samAccountName in an MVC C# application that's deployed to an Azure Web App.
The app is Windows Authenticated against Azure AD which is synced with our local on-premises AD servers using ADConnect.
When we run the Web App locally (Visual Studio 2017), the value that's returned from User.Identity.Name is returned in the format DOMAIN\UserName
But when looking at the WebApp in Azure, the same code returns it in the format [email protected]
I appreciate that we won't be able to use User.Identity.Name to achieve a consistent result, but we do need a way of getting this information when the site is running in Azure.
We've looked at various ways of achieving this using Claims Descriptions and Extended Properties but have had no luck so far.
I've tried to give as much information as possible, but I'm working in conjunction with our infrastructure team so may not have provided enough. Please let me know if more info is required.
Upvotes: 1
Views: 1292
Reputation: 40998
The "[email protected]" format would be the userPrincipalName attribute of the account. So if you see an "@" in the name, you can connect to AD and search for the account and pull the sAMAccountName. Something like this:
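    // Requires a reference to System.DirectoryServices (using System.DirectoryServices;)
    var searcher =
        new DirectorySearcher(
            new DirectoryEntry("LDAP://domain.co.uk"),
            // Note: the name is placed into the filter unescaped.
            $"(&(objectClass=user)(userPrincipalName={User.Identity.Name}))");
    // Only load the attribute that is needed.
    searcher.PropertiesToLoad.Add("sAMAccountName");
    var result = searcher.FindOne(); // null when no account matches
    var sAmAccountName = result?.Properties["sAMAccountName"][0] as string;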
Upvotes: 2
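The lookup described in the answer above, as an added example that is not part of the original answer: it handles both name formats from the question, escapes the name per RFC 4515 before it goes into the LDAP filter, and returns null when no account matches. The class and method names are hypothetical, `ldapPath` is whatever LDAP path your domain uses, and the code assumes the app can reach a domain controller.

```csharp
using System.DirectoryServices;
using System.Text;

// Hypothetical helper, not code from the question or the answer.
public static class AccountNameResolver
{
    // Escape a value for use inside an LDAP search filter (RFC 4515),
    // so characters in the name cannot change the filter's structure.
    public static string EscapeLdapFilterValue(string value)
    {
        var sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Returns the sAMAccountName for either name format, or null if none is found.
    public static string GetSamAccountName(string identityName, string ldapPath)
    {
        if (string.IsNullOrEmpty(identityName)) return null;

        // DOMAIN\UserName: the part after the backslash is the sAMAccountName.
        int slash = identityName.IndexOf('\\');
        if (slash >= 0) return identityName.Substring(slash + 1);

        // Otherwise treat the name as a userPrincipalName and look it up.
        string filter = "(&(objectClass=user)(userPrincipalName="
                        + EscapeLdapFilterValue(identityName) + "))";
        using (var root = new DirectoryEntry(ldapPath))
        using (var searcher = new DirectorySearcher(root, filter))
        {
            searcher.PropertiesToLoad.Add("sAMAccountName");
            SearchResult result = searcher.FindOne(); // null when nothing matches
            if (result == null || !result.Properties.Contains("sAMAccountName"))
                return null;
            return result.Properties["sAMAccountName"][0] as string;
        }
    }
}
```

In a controller this would be called as `AccountNameResolver.GetSamAccountName(User.Identity.Name, ldapPath)`.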