I have an LDAP query, which I am using to perform a search in C#. It uses two string variables (username and domain) which need to be escaped for security reasons.
How should I escape the strings? Is there a function available in C#.NET to do this?
Example LDAP search conditions :
(objectCategory=person)
(userprincipalname=username@domain*)
(samaccountname=username)
Example LDAP query string in C# :
string search = "(&(&(objectCategory=person)(userprincipalname="
+ username
+ "@"
+ domain
+ "*)(samaccountname="
+ username
+ ")))";
Edit: I already have the LDAP query working, and returning results. All I want is to escape the parameters.