get mail address from ActiveDirectory

Question

Please can someone help...

tried these answers to these questions Questions on SO

String account = userAccount.Replace(@"Domain\", "");
        DirectoryEntry entry = new DirectoryEntry();

        try {
            DirectorySearcher search = new DirectorySearcher(entry);

            search.PropertiesToLoad.Add("mail");  // e-mail addressead

            SearchResult result = search.FindOne();
            if (result != null) {



                return result.Properties["mail"][0].ToString();


            } else {
                return "Unknown User";
            }


        } catch (Exception ex) {

            return ex.Message;
        }

Can anyone see the issue or point in the right direction.

Answer 1

You forgot a filter.

Try adding this before calling FindOne:

search.Filter = String.Format("(sAMAccountName={0})", account);

Answer 2

I have used this code successfully (where "account" is the user logon name without the domain (domain\account):

// get a DirectorySearcher object
DirectorySearcher search = new DirectorySearcher(entry);

// specify the search filter
search.Filter = "(&(objectClass=user)(anr=" + account + "))";

// specify which property values to return in the search
search.PropertiesToLoad.Add("givenName");   // first name
search.PropertiesToLoad.Add("sn");          // last name
search.PropertiesToLoad.Add("mail");        // smtp mail address

// perform the search
SearchResult result = search.FindOne();

Answer 3

[update: fredrick nailed it....]

Jakob is right. You need to filter your search. You can do all sorts of ands and ors there too if you need to, but I think sAMAccountName is enough. You might want to fire up the ADSI tool (it's in the resource kit I think), which lets you walk AD like the registry. it's great for looking at properties. Then find a user, work out what prop you want (mail in this case) and what it's "primary key" is - sAMAccountName is a good one, but you may also want to filter on the node type.

I'm on a mac, so I can't check it for you, but each node in AD has a type, and you can add that to your filter. I think it looks like this:

((sAMAccountName=bob) & (type=User))

Again, check that - I know it's not type=user, but something LIKE that.

Answer 4

Also, where do you pull the username from (stored, user input, current identity)? A username can change (be renamed) easily - the SID/Windows Logon Identity on the other hand does not change - so you would be better off doing filters/searches by SID rather than samaccountname - if possible and/or needed design-wise...