system.directoryservices

Adding User to AD Security Group fails after user creation

I am using a WCF service to expose certain Active Directory management functions to our help desk staff without giving them the group membership required to manipulate AD directly. Adding users to and removing users from groups is working like a champ with existing users, but every time I create a new user it throws back this fun code: ...

How do I get DirectorySearcher to honor my specified SearchScope?

I have the following C# code in a project: DirectoryEntry root = new DirectoryEntry(@"LDAP://ad.mydomain.com"); DirectorySearcher ds = new DirectorySearcher(root); ds.DerefAlias = DereferenceAlias.Always; ds.SearchScope = SearchScope.Subtree; ds.Filter = "(|(name=John_Smith)(cn=John_Smith))"; SearchResultCollecti...

Given a user's SID, how do I get their userPrincipalName?

I have a list of users' security identifiers and I need to get a list of userPrincipalNames... is there any way that I can get it without loading up the user's DirectoryEntry and pulling in the userPrincipalName property? I need the most efficient method possible because this is done a lot ...

Does a System.DirectoryServices.AccountManagement.Principal ever have a null GUID?

I have a situation where I need to store a globally unique identifier that points to an Active Directory user account. I'm leaning towards the Guid because it is easier to store than the Sid. According to the MSDN entry, the property (which is a Nullable), will always return null if the ContextType is set to "Machine." I don't need to ...

List local administrators with System.DirectoryServices.AccountManagement doesn't retrieve domain users

I'm trying to remotely list members of the local Administrators group. The following code returns only local accounts which are members of the admin group - no domain groups or individual accounts are returned at all (BLAH\Domain Admins or BLAH\yajohn, for instance). Anyone have an idea? Public Function listLocalAdmins(ByVal mach...

How to register System.DirectoryServices for use in SQL CLR User Functions?

I am porting an old 32-bit COM component that was written in VB6 for the purpose of reading and writing to an Active Directory server. The new solution will be in C# and will use SQL CLR user functions. The assembly that I am trying to deploy to SQL Server contains a reference to System.DirectoryServices. The project does compile wi...

Troubleshooting Help: Active Directory Bind Fails

Hi, I'm trying to diagnose a problem with a server application running on a Client site. Said application authenticates user credentials against a Domain Controller in an AD environment. The behavior we're seeing is periodically no users can authenticate through the server. We've essentially traced the failure to the "bind" failing. T...

How does the new UserPrincipal.LastLogon Property function in DirectoryServices.AccountManagement?

Hi, I am trying to use the new System.DirectoryServices.AccountManagement library to search the Active Directory and get the LastLogon times for users. I am using code that is very similar to the code found here: http://www.codeproject.com/KB/system/usingAccountManagement.aspx I create a PrincipalContext object using a statement like:...

How can I get the local group name for guests/administrators ?

Question: I use the code found at http://support.microsoft.com/kb/306273 to add a Windows user. The problem is I need to add the user to a group, but the group names are localized. E.g. the MS-example uses an English computer, which means you can get the guest group like this: grp = AD.Children.Find("Guests", "group") But on a non-eng...

How do I set the ManagedBy property on a GroupPrincipal

I'm creating and updating Groups in Active Directory using the GroupPrincipal class in System.DirectoryServices.AccountManagement. When creating and updating, I also need to be able to set the ManagedBy property that you are able to set in the Managed By tab in the group's properties in the AD management console. Can it be done program...

Error with UserPrincipal.GetAuthorizationGroups() method

I am having an issue using the GetAuthorizationGroups method of the UserPrincipal class in a web application. Using the following code, I am receiving "While trying to retrieve the authorization groups, an error (5) occurred" PrincipalContext context = new PrincipalContext(ContextType.Domain, null, "DC=MyCompany,DC=COM", "username", "p...

PermissiveModifyControl throws DirectoryOperationException in C# LDAP

Using the System.DirectoryServices.Protocols namespace to add/modify attributes on an Active Directory group. Code: public void UpdateProperties(Dictionary<string, string> Properties) { List<DirectoryAttributeModification> directoryAttributeModifications; // ... Code to convert Properties dictionary to directoryAttributeModi...

Can't query AD (get a DirectoryServicesCOMException)

I'm attempting to query AD in an ASP.Net (4.0) application that is running on Windows Server 2008 R2 (IIS7 installed). (It also fails when running as a 2.0 application as well) This is nothing new for me, as I've done this many times before. I wrote a small ASP.Net program that runs fine on my own machine (Windows XP with IIS6), but fa...

System.DirectoryServices.AccountManagement.PrincipalContext and Impersonation in a WCF service

Working with the PrincipalContext in code that lies behind a WCF service. The WCF service is impersonating, to allow a 'pass-through' type authentication. While everything else I do with Active Directory (mostly the System.DirectoryServices.Protocols namespace) works fine in this scenario, for some reason the classes in System.Director...

Extending UserPrincipal; FindByIdentity() fails

Extending UserPrincipal to take advantage of its built-in properties... running into an issue when we overload the FindByIdentity() method. From Microsoft's example at http://msdn.microsoft.com/en-us/library/bb384372%28VS.90%29.aspx (parts excluded for brevity): [DirectoryRdnPrefix("CN")] [DirectoryObjectClass("inetOrgPerson")] publi...

Connection pooling in System.DirectoryServices.Protocols (S.DS.P)

I'm struggling with System.DirectoryServices.Protocols (S.DS.P) in an ASP.NET Helpdesk application to manage users and security groups. I want to implement connection pooling for my LDAP connections and I can't really find any good articles or information about successful patterns for solving the problem with too many TIME_WAIT TCP co...

Cannot specify which attributes to return when querying an LDAP store.

I am using the DirectoryServices.Protocols.SearchRequest type to make a request against an OpenDS store to retrieve some entries. I want to be able to control which attributes are returned for the entries in the response and thought the "Attributes" property would do it. However that property does not have a setter so I cannot do somethi...