How can I access AD from machines not on the domain? I have an app which needs to run on some machines which are part of the domain and some which are not.

I assume I have to present a valid login token from the machine which is not in the domain, however the username and password must be.

What book is recommended for .NET and AD?

A: 

The System.DirectoryServices namespace offers a bunch of classes to help you connect to AD. The DirectoryEntry class allows you to specify a username and password for your credentials, so that might get you started.

Additionally, there is the System.DirectoryServices.AccountManagement namespace that has even more classes that abstract working with AD even better.

I've never read any books about AD with .NET, but Microsoft Hey, Scripting Guy has a bunch of scripts they use for talking to AD and you can learn a lot just from those, for example writing queries and accessing property names. That and they are just a lot of fun to read :)

Hugoware
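An added example (not part of the answer above) of the DirectoryEntry approach from a machine that is not joined to the domain: it binds with explicit credentials, asks for a signed and sealed session, and escapes the looked-up name before it goes into the LDAP filter. The server name, base DN, account names and the AD_BIND_PASSWORD environment variable are assumed placeholders.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;
using System.Text;

static class AdLookup
{
    // Escape the RFC 4515 special characters so input cannot change the filter.
    static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
        {
            if (c == '\\' || c == '*' || c == '(' || c == ')' || c == '\0')
                sb.Append('\\').Append(((int)c).ToString("x2"));
            else
                sb.Append(c);
        }
        return sb.ToString();
    }

    static void Main(string[] args)
    {
        // Assumed placeholders: domain controller, search base and bind account.
        const string path = "LDAP://dc.example.com/DC=example,DC=com";
        string bindUser = @"EXAMPLE\svc-reader";
        // Assumed variable name; keeps the password out of source and arguments.
        string bindPassword = Environment.GetEnvironmentVariable("AD_BIND_PASSWORD");
        string lookup = args.Length > 0 ? args[0] : "jdoe";

        // Secure = negotiated (Kerberos/NTLM) bind; Signing and Sealing add
        // integrity and encryption for the session and require Secure.
        var auth = AuthenticationTypes.Secure
                 | AuthenticationTypes.Signing
                 | AuthenticationTypes.Sealing;

        using (var root = new DirectoryEntry(path, bindUser, bindPassword, auth))
        using (var searcher = new DirectorySearcher(root))
        {
            searcher.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                              + EscapeFilterValue(lookup) + "))";
            searcher.PropertiesToLoad.Add("distinguishedName");
            try
            {
                SearchResult result = searcher.FindOne(); // the bind happens here
                Console.WriteLine(result == null
                    ? "not found"
                    : (string)result.Properties["distinguishedName"][0]);
            }
            catch (COMException ex) // bad bind credentials or unreachable server
            {
                Console.Error.WriteLine("Directory error: " + ex.Message);
            }
        }
    }
}
```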
+1  A: 

You can use the constructor on a PrincipalContext that takes the name of the domain to query, a username and password to use when accessing the domain. This version will also let you specify which server to contact to do your query.

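// Requires: using System.DirectoryServices.AccountManagement;
using (var context = new PrincipalContext( ContextType.Domain,
                                           "dc.example.com",
                                           authUser,
                                           authPassword)) {
    // ValidateCredentials returns true when the directory accepts userName/userPassword
    var valid = context.ValidateCredentials( userName, userPassword );

    // ...
}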
tvanfosson
+1  A: 

The best .NET programming book for Active Directory / LDAP in my opinion is The .NET Developer's Guide to Directory Services Programming by Joe Kaplan and Ryan Dunn. Excellent read, very broad, very deep, very complete. Highly recommended!

Marc

marc_s