I am looking to be able to pull a list of current OUs from Active Directory. I have been looking at some example code online for some time, but I don't seem to be able to get this to work.

    string defaultNamingContext;
    DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");
    defaultNamingContext = rootDSE.Properties["defaultNamingContext"].Value.ToString();
    // The searcher is rooted at RootDSE here; this is the call that raises the error below.
    DirectorySearcher ouSearch = new DirectorySearcher(rootDSE, "(objectClass=organizationalUnit)",
        null, SearchScope.Subtree);
    MessageBox.Show(rootDSE.ToString());
    try
    {
        SearchResultCollection collectedResult = ouSearch.FindAll();
        foreach (SearchResult temp in collectedResult)
        {
            comboBox1.Items.Add(temp.Properties["name"][0]);
            DirectoryEntry ou = temp.GetDirectoryEntry();
        }
    }
    catch (Exception ex)
    {
        // Show the provider error instead of leaving the try block unterminated.
        MessageBox.Show(ex.Message);
    }

The error I get is: "The provider does not support searching and cannot search LDAP://RootDSE". Any ideas? For each of those returned search results I want to add them to a combo box (shouldn't be too hard).
How can I list all users in a particular organizational unit (OU)? Use the Get-ADUser cmdlet from the ActiveDirectory Module (available from the RSAT tools). Specify the SearchBase as the name of the OU, and use a wildcard pattern for the Filter.
An organizational unit (OU) is a container within a Microsoft Active Directory domain which can hold users, groups and computers. It is the smallest unit to which an administrator can assign Group Policy settings or account permissions.
To get an email address from a display name, use the Get-ADUser Filter parameter to match DisplayName against the provided display name and retrieve the user from Active Directory.
To create and manage OUs, select Active Directory Administrative Center from the list of administrative tools. The Tasks pane is shown on the right side of the Active Directory Administrative Center. Under the domain, such as aaddscontoso.com, select New > Organizational Unit.
You cannot search on the LDAP://RootDSE level - that's just an "informational" address with some stuff. It doesn't really represent any location in your directory. You need to bind to the default naming context first:

    string defaultNamingContext;
    DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");
    defaultNamingContext = rootDSE.Properties["defaultNamingContext"].Value.ToString();
    // "default" is a reserved word in C#, so the entry is named domainRoot.
    DirectoryEntry domainRoot = new DirectoryEntry("LDAP://" + defaultNamingContext);
    DirectorySearcher ouSearch = new DirectorySearcher(domainRoot,
        "(objectClass=organizationalUnit)",
        null, SearchScope.Subtree);

Once you do that, you should be OK to find all OUs in your domain.

And in order to speed things up, I would recommend not searching using objectClass - that property is not indexed in AD. Use objectCategory instead, which is indexed:

    DirectorySearcher ouSearch = new DirectorySearcher(domainRoot,
        "(objectCategory=Organizational-Unit)",
        null, SearchScope.Subtree);

UPDATE:
I discovered this filter is wrong - even though the objectCategory is shown as CN=Organizational-Unit,..... in the ADSI browser, you need to specify objectCategory=organizationalUnit in the search for it to succeed:

    DirectorySearcher ouSearch = new DirectorySearcher(domainRoot,
        "(objectCategory=organizationalUnit)",
        null, SearchScope.Subtree);
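
The approach from the answer above, put together as a complete console program. This is an added example, not code from the original question or answer. The class and method names are hypothetical, returning distinguishedName rather than name is a choice made here, and it assumes a domain-joined machine running under an account that can read the directory.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;

static class OuLister   // hypothetical name, not from the original page
{
    // Returns the distinguishedName of every OU in the current domain.
    public static List<string> GetOrganizationalUnits()
    {
        var ous = new List<string>();

        // RootDSE only reports directory metadata; read the domain DN from it.
        string defaultNamingContext;
        using (var rootDse = new DirectoryEntry("LDAP://RootDSE"))
        {
            defaultNamingContext = (string)rootDse.Properties["defaultNamingContext"].Value;
        }

        // Bind to the domain root, which is a location that can be searched.
        using (var domainRoot = new DirectoryEntry("LDAP://" + defaultNamingContext))
        using (var searcher = new DirectorySearcher(domainRoot))
        {
            searcher.Filter = "(objectCategory=organizationalUnit)";
            searcher.SearchScope = SearchScope.Subtree;
            // Paged search: without a page size, results stop at the server's limit.
            searcher.PageSize = 500;
            // Fetch only the attribute that is used, not every property of each OU.
            searcher.PropertiesToLoad.Add("distinguishedName");

            // SearchResultCollection holds unmanaged resources, so dispose it.
            using (SearchResultCollection results = searcher.FindAll())
            {
                foreach (SearchResult result in results)
                {
                    ous.Add((string)result.Properties["distinguishedName"][0]);
                }
            }
        }
        return ous;
    }

    static void Main()
    {
        foreach (string dn in GetOrganizationalUnits())
            Console.WriteLine(dn);
    }
}
```

The distinguished name is returned because two OUs in different parts of the tree can share the same name value; for a combo box, show the name and keep the distinguished name as the item's key.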