Reputation: 5929
UserPrincipal GetUnderlyingObject: properties missing
I'm trying to load the attribute physicalDeliveryOfficeName from a DirectoryEntry which is returned by the GetUnderlyingObject method of a UserPrincipal instance:
DirectoryEntry directoryEntry = principal.GetUnderlyingObject() as DirectoryEntry;
which means that the following statement returns false:
directoryEntry.Properties.Contains("physicalDeliveryOfficeName");
I know that this property can be loaded by adding the name to the StringCollection DirectorySearcher.PropertiesToLoad when using said DirectorySearcher.
My questions are, why doesn't the DirectoryEntry returned by the method GetUnderlyingObject contain all properties? And how can I load this property without using a DirectorySearcher?
Upvotes: 8
Views: 8968
Answers (2)
Reputation: 15026
Using RefreshCache:
UserPrincipal up = ...
using (DirectoryEntry de = up.GetUnderlyingObject() as DirectoryEntry)
{
foreach (var name in de.Properties.PropertyNames)
{
Console.WriteLine(name);
}
Console.WriteLine();
// The canonicalName attribute is operational (also called constructed).
// Active Directory does not actually save the value, but calculates it on demand. This is probably the issue. In ADSI we use the GetInfoEx
de.RefreshCache(new string[] { "canonicalName" });
var canonicalName = de.Properties["canonicalName"].Value as string;
}
PropertyNames:
objectClass
cn
sn
givenName
distinguishedName
instanceType
whenCreated
whenChanged
displayName
uSNCreated
memberOf
uSNChanged
nTSecurityDescriptor
name
objectGUID
userAccountControl
badPwdCount
codePage
countryCode
badPasswordTime
lastLogoff
lastLogon
pwdLastSet
primaryGroupID
objectSid
accountExpires
logonCount
sAMAccountName
sAMAccountType
userPrincipalName
objectCategory
dSCorePropagationData
lastLogonTimestamp
canonicalName property is missing.
Upvotes: 2
Reputation: 14700
Accessing all fields for a DirectoryEntry is a potentially slow and heavy operation. Some fields might not be replicated to all domain controllers, and so bringing the values might require accessing a remote and slow-to-access Global Catalog (GC) server.
Once you have a DirectoryEntry in hand and you want to pull a specific value, you can call the RefreshCache method, passing it the names of the properties you need.
Upvotes: 8
Related Questions
- "Properties" and "GetProperties" not available for UserPrincipal, unable to get 'Department' and other values
- How to get Active Directory Attributes not represented by the UserPrincipal class
- How I get Active Directory User Properties with System.DirectoryServices.AccountManagement Namespace?
- UserPrincipal.FindByIdentity returning null with Machine Context type
- UserPrincipal properties returning null
- UserPrincipal.FindByIdentity() always returns null
- UserPrincipal.FindByIdentity throws exception - There is no such object on the server
- Retrieving a user principal object using down-level user name
- UserPrincipal.FindByIdentity throws PrincipalServerDownException
- How to find a UserPrincipal where a property is not set using a PrincipalSearcher?