How to upload an image file to Active Directory user profile in C# ?

Question

I need a method which will take an *.jpg image file and upload it to a user profile in the Active Directory of Windows AD 2003.

Also a method to retrieve the photo as stream or expose it as secure web service to be called by cross platform apps in java etc (Damn! am I asking too much!!!)

The file being uploaded will be a *.jpg which is basically a visual signature file created by a user.

Does anyone having any experience working with Active Directory in C# provide some information as to how this can be done with minimum implication related to security.

From the point of view of the Windows Active Directory Administrator what does he have to do to make this possible.Changes/provisions to schema of user profile etc.

The image is being uploaded so that it can be later retrieved from the AD to be inserted into PDF document for signature purposes.

Can this be done in C#? Or is there any done libraries etc?

Thanks in advance for your replies,snippets and solutions.

Answer 1

you'll find here a lot of articles and resources for active directory

i hop it will help

Active Directory in C#

Answer 2

The common AD attribute for a user photo is jpegPhoto but you can use what ever name you want

This sample shows the basic AD way to get and set an image stream. You need to flesh these methods out to be a useful class

Consider making your web service to just return the URL of the image. The request handler for that URL should then return the image with the correct content type etc. Much more useful in a web environment

using System;
using System.DirectoryServices;
using System.Collections;
using System.IO;

public class ADPhoto {

public void Set() {
  try {
    var de = new DirectoryEntry("LDAP://cn=username,cn=users,DC=domain, DC=com");
    de.Username = "username";
    de.Password = "password";
    var forceAuth = de.NativeObject;
    var fs = new FileStream("path\\photo.jpg", FileMode.Open);
    var br = new BinaryReader(fs);    
    br.BaseStream.Seek(0, SeekOrigin.Begin);
    byte[] ba = new byte[br.BaseStream.Length];
    ba = br.ReadBytes((int)br.BaseStream.Length);
    de.Properties["jpegPhoto"].Insert(0, ba);
    de.CommitChanges();
  }
  catch(Exception ex) {
    Console.WriteLine(ex.Message);
  }
}


public Stream Get() {
  var fs = new MemoryStream();
  try {
    var de = new DirectoryEntry("LDAP://cn=username,cn=users,DC=domain, DC=com");
    de.Username = "username";
    de.Password = "password";
    var forceAuth = de.NativeObject;
    var wr = new BinaryWriter(fs);
    byte[] bb = (byte[])de.Properties["jpegPhoto"][0];
    wr.Write(bb);
    wr.Close();
  }
  catch (Exception e) {
    Console.WriteLine(e.Message);
  }
  return fs;
}

}

Answer 3

Here's a series of blog postings with code that shows how to do it:

(The first shows how to get a photo in, the second shows how to get it out)

Using the jpegPhoto attribute in AD - Part I

Using the jpegPhoto attribute in AD - Part II

EDIT: Here's a generic function implementing the code from Part I:

void AddPictureToUser(
    string strDN,       // User Distinguished Name, in the form "CN=Joe User,OU=Employees,DC=company,DC=local"
    string strDCName,   // Domain Controller, ie: "DC-01"
    string strFileName // Picture file to open and import into AD
    )
{
    // Open file
    System.IO.FileStream inFile = new System.IO.FileStream(strFileName, System.IO.FileMode.Open, System.IO.FileAccess.Read);

    // Retrive Data into a byte array variable
    byte[] binaryData = new byte[inFile.Length];

    int bytesRead = inFile.Read(binaryData, 0, (int)inFile.Length);
    inFile.Close();

    // Connect to AD
    System.DirectoryServices.DirectoryEntry myUser = new System.DirectoryServices.DirectoryEntry(@"LDAP://" + strDCName + @"/" + strDN);

    // Clear existing picture if exists
    myUser.Properties["jpegPhoto"].Clear();

    // Update attribute with binary data from file
    myUser.Properties["jpegPhoto"].Add(binaryData);
    myUser.CommitChanges();
}

Answer 4

Each Active Directory User Profile will have a home folder. If you are not sure about this please checkout the below article http://support.microsoft.com/kb/816313 I believe that you have to upload the image file to this directory.

Also if this doesn't solve your problem, please update if you find something else.

MNK...