CODEWITHSUNDEEP
c#active-directory
KWallace
KWallace

Reputation: 1700

How to get Active Directory User Account Attributes in C#

I can successfully get a complete list of all AD Attributes with the following code (including things like extensionAttribute1 - 15)

// get whatever attributes are available

List<string> allAttributes = new List<string>();

var context = new DirectoryContext(DirectoryContextType.Forest, "mydomain.com");

using (var schema = System.DirectoryServices.ActiveDirectory.ActiveDirectorySchema.GetSchema(context)) {

    var userClass = schema.FindClass("user");

    foreach (ActiveDirectorySchemaProperty property in userClass.GetAllProperties()) {
        allAttributes.Add(property.Name);
    }

}

However, when I retrieve a user account with the following code, most of these attributes (especially the extensionAttributes) are not present:

SearchResultCollection results;
DirectoryEntry de = new DirectoryEntry("LDAP://RootDSE");
DirectorySearcher ds = new DirectorySearcher("LDAP://" + de.Properties["defaultNamingContext"][0].ToString());

ds.Filter = "(&(objectCategory=User)(objectClass=person))";

results = ds.FindAll();

foreach (SearchResult sr in results) {
    Console.WriteLine(sr.Properties["extensionAttribute1"][0].ToString()); // == null
}

What am I doing wrong?

Upvotes: 0

Views: 1755

Answers (1)

Gabriel Luci
Gabriel Luci

Reputation: 41018

most of these attributes (especially the extensionAttributes) are not present

That is normal. Attributes are only returned if they have a value. If an attribute does not have a value, it is not returned at all.

Upvotes: 2

Related Questions