Hi, is there an Active Directory Helper Class available somewhere? Just checking before I re-invent the wheel.

I need to

  1. Validate a user in AD.

  2. Get his/her member roles.

Thanks

+1  A: 

System.DirectoryServices.ActiveDirectory namespace

http://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.aspx

Jason Watts
This is really for interacting with and managing administrative aspects of ActiveDirectory -- schema, servers, sites, forests, etc. The user-related components are in a different namespace.
tvanfosson
Thanks for the correction, duly noted
Jason Watts
+6  A: 

In .NET 3.5, you want to look in System.DirectoryServices.AccountManagement. For earlier versions, System.DirectoryServices has what you need, but it's a little more work.

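// Requires: using System.DirectoryServices.AccountManagement;
using (var context = new PrincipalContext( ContextType.Domain ))
{
      // Check the supplied credentials against the domain
      var valid = context.ValidateCredentials( username, password );
      using (var user = UserPrincipal.FindByIdentity( context,
                                                      IdentityType.SamAccountName,
                                                      username ))
      {
          // FindByIdentity returns null when no account matches
          if (valid && user != null)
          {
              // Security groups the user is a member of
              var groups = user.GetAuthorizationGroups();
          }
      }
}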
tvanfosson
I am developing on a laptop not part of the domain. Can I pass such a request to AD?
Saif Khan
If your users are local to the machine, you can use ContextType.Machine instead of ContextType.Domain to focus your queries against the local authorization store.
tvanfosson
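
A helper along the lines the question asks for, built on the AccountManagement calls from the answer above. This is an added example, not code from any of the posters; the class name `AdHelper`, the method name and the `domain` parameter are assumptions.

```csharp
using System.Collections.Generic;
using System.DirectoryServices.AccountManagement;

public static class AdHelper // hypothetical class name
{
    // Returns null when the credentials are rejected or no account matches;
    // otherwise the names of the user's security groups.
    public static IList<string> ValidateAndGetGroups(string domain, string username, string password)
    {
        // Reject missing input up front: with null arguments ValidateCredentials
        // checks the calling process's default credentials, not a user's.
        if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            return null;

        // The lookups below bind with the credentials being validated, so the
        // calling process needs no domain identity of its own.
        using (var context = new PrincipalContext(ContextType.Domain, domain, username, password))
        {
            // Ask for a negotiated (Kerberos/NTLM), signed and sealed bind explicitly.
            const ContextOptions options =
                ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing;
            if (!context.ValidateCredentials(username, password, options))
                return null;

            using (var user = UserPrincipal.FindByIdentity(
                       context, IdentityType.SamAccountName, username))
            {
                if (user == null)
                    return null; // valid bind, but no account with this sAMAccountName

                var names = new List<string>();
                using (var groups = user.GetAuthorizationGroups())
                {
                    foreach (Principal g in groups)
                        names.Add(g.SamAccountName);
                }
                return names;
            }
        }
    }
}
```
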
+2  A: 

Here is some example code that I have been using:

using System.DirectoryServices;

// Returns the first value of the named attribute, or an empty string if it is absent
public static string GetProperty(SearchResult searchResult, 
    string PropertyName)
{
    if (searchResult.Properties.Contains(PropertyName))
        return searchResult.Properties[PropertyName][0].ToString();
    else
        return string.Empty;
}

public MyCustomADRecord Login(string UserName, string Password)
{
    string adPath = "LDAP://www.YourCompany.com/DC=YourCompany,DC=Com";

    DirectorySearcher mySearcher;
    SearchResult resEnt;

    // Bind to the directory as the user; a failed bind throws when the search runs
    DirectoryEntry de = new DirectoryEntry(adPath, UserName, Password, 
        AuthenticationTypes.Secure);
    mySearcher = new DirectorySearcher(de);

    // Escape LDAP filter metacharacters (RFC 4515) so UserName cannot change the filter
    string safeName = UserName.Replace("\\", "\\5c").Replace("*", "\\2a")
        .Replace("(", "\\28").Replace(")", "\\29").Replace("\0", "\\00");
    string adFilter = "(sAMAccountName=" + safeName + ")";
    mySearcher.Filter = adFilter;

    resEnt = mySearcher.FindOne();

    // FindOne returns null when no entry matches
    if (resEnt == null)
        return null;

    return new MyCustomADRecord()
    {
        UserName = GetProperty(resEnt, "sAMAccountName"),
        GUID = resEnt.GetDirectoryEntry().NativeGuid.ToString(),
        DisplayName = GetProperty(resEnt, "displayName"),
        FirstName = GetProperty(resEnt, "givenName"),
        MiddleName = GetProperty(resEnt, "initials"),
        LastName = GetProperty(resEnt, "sn"),
        Company = GetProperty(resEnt, "company"),
        JobTitle = GetProperty(resEnt, "title"),
        Email = GetProperty(resEnt, "mail"),
        Phone = GetProperty(resEnt, "telephoneNumber"),
        ExtensionAttribute1 = GetProperty(resEnt, "extensionAttribute1")
    };
}
Michael La Voie
I appreciate you sharing this.
Saif Khan