
Active Directory DirectorySearcher is not returning all of the available properties

I am writing a new program for my boss that will replace this old VBS that they are currently using.

So the program is supposed to go into the AD and collect the Name of all the employees and their email addresses. My problem is that each user has around 60ish properties assigned to them but my program is only pulling in 32 fields, one of which is the CN which is half of what I need. Of course mail is not one of the properties being imported. I have also noticed while debugging that I think it is only bringing in the employees from the Long Island branches and not from everywhere, which I don't understand why. Any help would be greatly appreciated!! =D

using System;
using System.IO;
using System.Collections.Generic;
using System.Text;
using System.DirectoryServices;
using Microsoft.Office.Interop.Excel;
using System.DirectoryServices.ActiveDirectory;

namespace EmailListing
{
    class Program
    {
        static void Main(string[] args)
        {
            DirectoryEntry adFolderObject = new DirectoryEntry("LDAP://OU=PHF Users,DC=phf,DC=inc");

            DirectorySearcher adSearchObject = new DirectorySearcher(adFolderObject);
            adSearchObject.SearchScope = SearchScope.Subtree;

            adSearchObject.Filter = "(&(ObjectClass=user)(!description=Built-in*))";

            foreach (SearchResult adObject in adSearchObject.FindAll())
            {
                //mail = adObject.Properties["mail"].ToString();

                Console.Write(adObject.Properties["cn"][0]);
                Console.Write(".        ");
                //Console.WriteLine(mail);
            }

            Console.WriteLine();
            Console.ReadLine();
        }
    }
}
asked Dec 03 '12 16:12

LaserPEWPEW


1 Answer

You can use a PrincipalSearcher and a "query-by-example" principal to do your searching:

// requires: using System; using System.DirectoryServices.AccountManagement;

// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

// define a "query-by-example" principal - here, we search for a UserPrincipal
UserPrincipal qbeUser = new UserPrincipal(ctx);

// create your principal searcher passing in the QBE principal
PrincipalSearcher srch = new PrincipalSearcher(qbeUser);

// find all matches
foreach (var found in srch.FindAll())
{
    // do whatever here - "found" is of type "Principal" - it could be user, group, computer.....
    UserPrincipal foundUser = found as UserPrincipal;

    // Description is null when the attribute is not set, so guard before calling StartsWith;
    // the comparison ignores case, like the LDAP filter in the question
    if (foundUser != null &&
        (foundUser.Description == null ||
         !foundUser.Description.StartsWith("Built-In", StringComparison.OrdinalIgnoreCase)))
    {
        string firstName = foundUser.GivenName;
        string lastName = foundUser.Surname;
        string email = foundUser.EmailAddress;
    }
}

If you haven't already - absolutely read the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 which shows nicely how to make the best use of the new features in System.DirectoryServices.AccountManagement. Or see the MSDN documentation on the System.DirectoryServices.AccountManagement namespace.

Of course, depending on your need, you might want to specify other properties on that "query-by-example" user principal you create:

  • DisplayName (typically: first name + space + last name)
  • SAM Account Name - your Windows/AD account name
  • User Principal Name - your "user@domain" style name

You can specify any of the properties on the UserPrincipal and use those as "query-by-example" for your PrincipalSearcher.

answered Oct 02 '22 14:10

marc_s
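
An added example, not part of the question or the answer above: a DirectorySearcher version of the same listing that covers two behaviours relevant to the question. An attribute with no value is simply absent from SearchResult.Properties, and without PageSize the server's size limit caps the result set. The class and method names are hypothetical, the LDAP path is the one from the question, and the objectCategory=person clause is an assumption added to keep computer accounts out.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;

static class EmailListingExample
{
    // Returns (cn, mail) pairs; mail is null when the attribute has no value.
    static List<KeyValuePair<string, string>> GetNamesAndMail(string ldapPath)
    {
        var rows = new List<KeyValuePair<string, string>>();
        using (var root = new DirectoryEntry(ldapPath))
        using (var searcher = new DirectorySearcher(root))
        {
            searcher.SearchScope = SearchScope.Subtree;
            // Computer accounts also carry objectClass=user; objectCategory=person excludes them.
            searcher.Filter = "(&(objectCategory=person)(objectClass=user)(!(description=Built-in*)))";
            // Request only the attributes the report needs instead of every readable one.
            searcher.PropertiesToLoad.Add("cn");
            searcher.PropertiesToLoad.Add("mail");
            // PageSize > 0 enables paged results; without it the server's size limit
            // (1000 entries by default in AD) truncates the result set.
            searcher.PageSize = 500;
            // SearchResultCollection holds unmanaged resources, so dispose it.
            using (SearchResultCollection results = searcher.FindAll())
            {
                foreach (SearchResult r in results)
                {
                    rows.Add(new KeyValuePair<string, string>(
                        FirstValue(r, "cn"), FirstValue(r, "mail")));
                }
            }
        }
        return rows;
    }

    // Guard the index: a missing attribute yields no values rather than an empty string.
    static string FirstValue(SearchResult r, string attribute)
    {
        ResultPropertyValueCollection values = r.Properties[attribute];
        return (values != null && values.Count > 0) ? values[0].ToString() : null;
    }

    static void Main()
    {
        foreach (var row in GetNamesAndMail("LDAP://OU=PHF Users,DC=phf,DC=inc"))
            Console.WriteLine("{0}\t{1}", row.Key, row.Value ?? "(no mail attribute)");
    }
}
```

The bind uses the credentials of the account running the program, so attributes that account is not permitted to read are also missing from the results.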