
Active Directory Helper Class

Is there an Active Directory Helper Class available somewhere? Just checking before I re-invent the wheel.

I need to

  1. Validate a user in AD.

  2. Get his/her member roles.

Thanks

Saif Khan asked Jun 12 '09 00:06




2 Answers

In .NET 3.5, you want to look in System.DirectoryServices.AccountManagement. For earlier versions, System.DirectoryServices has what you need, but it's a little more work.

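using System.DirectoryServices.AccountManagement;

using (var context = new PrincipalContext( ContextType.Domain ))
{
      // True only if the domain accepts this username/password pair;
      // check it before acting on the group list below.
      var valid = context.ValidateCredentials( username, password );
      using (var user = UserPrincipal.FindByIdentity( context,
                                                      IdentityType.SamAccountName,
                                                      username ))
      {
          // FindByIdentity returns null when no matching account exists.
          if (user != null)
          {
              // Security groups the user belongs to, including nested ones.
              var groups = user.GetAuthorizationGroups();
          }
      }
}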
tvanfosson answered Sep 26 '22 00:09


Here is some example code that I have been using:

using System.DirectoryServices;

// Returns the first value of the named attribute, or "" if it is absent.
public static string GetProperty(SearchResult searchResult, 
    string PropertyName)
{
    if (searchResult.Properties.Contains(PropertyName))
        return searchResult.Properties[PropertyName][0].ToString();
    else
        return string.Empty;
}

// Binds to AD as the user and reads their record. Returns null if no
// matching account is found; FindOne() throws if the bind is rejected.
public MyCustomADRecord Login(string UserName, string Password)
{
    string adPath = "LDAP://www.YourCompany.com/DC=YourCompany,DC=Com";

    // The bind with the supplied credentials happens on first use (FindOne).
    using (DirectoryEntry de = new DirectoryEntry(adPath, UserName, Password, 
        AuthenticationTypes.Secure))
    using (DirectorySearcher mySearcher = new DirectorySearcher(de))
    {
        // Escape LDAP filter metacharacters (RFC 4515) so the user name
        // is always treated as a literal value.
        string safeName = UserName.Replace("\\", "\\5c").Replace("*", "\\2a")
            .Replace("(", "\\28").Replace(")", "\\29").Replace("\0", "\\00");
        mySearcher.Filter = "(sAMAccountName=" + safeName + ")";

        SearchResult resEnt = mySearcher.FindOne();
        if (resEnt == null)
            return null;

        return new MyCustomADRecord()
        {
            UserName = GetProperty(resEnt, "sAMAccountName"),
            GUID = resEnt.GetDirectoryEntry().NativeGuid.ToString(),
            DisplayName = GetProperty(resEnt, "displayName"),
            FirstName = GetProperty(resEnt, "givenName"),
            MiddleName = GetProperty(resEnt, "initials"),
            LastName = GetProperty(resEnt, "sn"),
            Company = GetProperty(resEnt, "company"),
            JobTitle = GetProperty(resEnt, "title"),
            Email = GetProperty(resEnt, "mail"),
            Phone = GetProperty(resEnt, "telephoneNumber"),
            ExtensionAttribute1 = GetProperty(resEnt, "extensionAttribute1")
        };
    }
}
Michael La Voie answered Sep 23 '22 00:09