tags:

views:

358

answers:

2
Q: 

How to determine user DN after authentication against an Active Directory?

I'm using DirectoryServices to authenticate a user against an ADLDS (the lighteweight Active Directory). After I pass authentication. How can I determine the DN or SID of the currently logged in user?

using (DirectoryEntry entry = new DirectoryEntry(<a>LDAP://XYZ:389</a>,
userName.ToString(),
password.ToString(),
AuthenticationTypes.Secure))
{
try
{
// Bind to the native object to force authentication to happen
Object native = entry.NativeObject;
MessageBox.Show("User authenticated!");
}
catch (Exception ex)
{
throw new Exception("User not authenticated: " + ex.Message);
}
...

Thanks

+1  A: 

To my knowledge you will have to do an LDAP Search for the user and get the distinguishedName property from AD. See below:

// you can use any root DN here that you want provided your credentials
// have search rights
DirectoryEntry searchEntry = new DirectoryEntry("LDAP://XYZ:389");

DirectorySearcher search = new DirectorySearcher(searchEntry);
search.Filter = "(&(objectclass=user)(objectCategory=person)" +
  "(sAMAccountName=" + userName + "))";    

if (search != null)
{
  search.PropertiesToLoad.Add("sAMAccountName");
  search.PropertiesToLoad.Add("cn");
  search.PropertiesToLoad.Add("distinguishedName");

  log.Info("Searching for attributes");

  // find firest result
  SearchResult searchResult = null;
  using (SearchResultCollection src = search .FindAll())
  {
 if (src.Count > 0)
   result = src[0];
  }

  if (searchResult != null)
  {
    // Get DN here
    string DN = searchResult.Properties["distinguishedName"].ToString();
  }
mjmarsh  2010-04-08 16:23:22
mjmarsh Thanks ~ but I get an exception at src = search.FindAll()There is no such object on the server.------I realized the user logging in has a class type "foreignSecurityPrincipal" in the Active Directory lightweight so I figured perhaps I can just modify your filter to be:search.Filter = "(But that gave me the same exception. Any idea what I am missing? I feel like your code is getting me very close to what I need.
sOltan  2010-04-08 20:41:30
+1  A: 

Thanks ~ but I get an exception at 

src = search.FindAll() 
There is no such object on the server.

I realized the user logging in has a class type "foreignSecurityPrincipal" in the Active Directory lightweight so I figured perhaps I can just modify your filter to be:

search.Filter = "(&(objectclass=foreignSecurityPrincipal)" + "(sAMAccountName=" + userName + "))";

But that gave me the same exception. Any idea what I am missing? I feel like your code is getting me very close to what I need.

sOltan  2010-04-08 22:54:59

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?