I'm trying to get a user out of Active directory using their username and password. Does anyone know how to do this in C# in addition to getting the security group they belong to?
Edit: This problem got more complicated (the requirements changed on me after a meeting). The security groups are nested within AD.
Look into the DirectoryEntry class.
Here is a sample:
Dim dirEntry As DirectoryEntry
dirEntry = New DirectoryEntry("your LDAP info", "administrator", "password")
Dim entries As DirectoryEntries = dirEntry.Children
'' // Set login name and full name.
Dim newUser As DirectoryEntry = entries.Add("CN=JONNY BOY", "User")
newUser.Properties("sAMAccountName").Add("jboy")
newUser.CommitChanges()
newUser.Invoke("SetPassword", "hi2343145gfdtgwdt")
Dim flags As Integer
flags = CInt(newUser.Properties("userAccountControl").Value)
'' //enable user below
newUser.Properties("userAccountControl").Value = flags And Not &H2
'' //disable user below
newUser.Properties("userAccountControl").Value = flags Or &H1
'' //lockout property
Dim l As Long
l = CType(newUser.Properties("lockoutTime").Value, Long)
If l <> 0 Then
'' //account is locked out
'' //so how do we unlock it?
'' //we unlock it by setting it to 0
newUser.Properties("lockoutTime").Value = 0
Else
'' //account is 0 it is NOT locked out
End If
newUser.CommitChanges()
Dim j As DirectoryEntry = entries.Find("CN=JONNY BOY", "User")
j.Properties("mail").Value = "[email protected]"
j.CommitChanges()
Take a look here: Finding what Groups/Distribution lists a specific user belongs to in active directory. Main point is related to tokenGroups property. BTW, you don't need to get with user password, just it's username.
I finally found the solution to this problem. The code in this article worked like a charm. Nested AD Groups