CODEWITHSUNDEEP
c#active-directory
drieddust
drieddust

Reputation: 193

Active directory search for all groups and users matching a particular name in c# using System.DirectoryServices.AccountManagement?

It seems System.DirectoryServices.AccountManagement provides query by example which can only search one type of object at a time.

Does System.DirectoryServices.AccountManagement proves a method using which I can search entire active directory for users or groups matching a particular name or some other criteria or I have to go back to System.DirectoryServices.DirectorySearcher.

Upvotes: 2

Views: 2358

Answers (1)

marc_s
marc_s

Reputation: 754258

I believe you should be able to do this in S.DS.AM. Both the UserPrincipal as well as the GroupPrincipal ultimately descend from Principal - so if you pass in a "generic" principal to the searcher, you should get back both users and groups (and computers).

The only tricky part is that Principal is an abstract class, so you cannot directly instantiate it - you need to get a UserPrincipal first and "extract" the generic Principal from that:

// set up dummy UserPrincipal
UserPrincipal qbeUser = new UserPrincipal(ctx);

// get the generic Principal from that - set the "Name" to search for
Principal userOrGroup = qbeUser as Principal;
userOrGroup.Name = "SomeName";

// create a PrincipalSearcher based on that generic principal
PrincipalSearcher searcher = new PrincipalSearcher(userOrGroup);

// enumerate the results - you need to check what kind of principal you get back
foreach (Principal found in searcher.FindAll())
{
    // is it a UserPrincipal - do what you need to do with that...
    if (found is UserPrincipal)
    {
        ......
    }
    else if (found is GroupPrincipal)
    {
        // if it's a group - do whatever you need to do with a group....
    }
 }

Upvotes: 2

Related Questions