views:

19

answers:

0

I am using the System.DirectoryServices.AccountManagement class for querying the Active Directory.

I'm able to query the domain using various contexts fine, but every example I've found requires a domain name.

string domain = "MYDOMAIN";
PrincipalContext ctx= new PrincipalContext(ContextType.Domain, domain);

Normally this wouldn't be a problem, however, we have some users who exist on a sub-domain. I've found a means of searching for their account details by parsing the domain information out of their user.identity.name.

string loggedUser = User.Identity.Name;
string domain = loggedUser.Split(new char { '\\' })[0];
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domain);
using (ctx) {
  // Do searches, etc. here
}

We were hoping to swap over to use of GUIDs as our unique identifier, as I am lead to believe that GUIDs are unique across all domains, whereas names can change (marriages, divorces, etc.)

Using an old directory searcher web service, we are able to query the Global Catalog (GC) and find the user regardless of their domain or sub-domain, since the domains are trusted...I'm looking for that same 'feature' of a GC search using the new 3.5 S.DS.AM class. Is it even possible?