Menu
I'm trying to search for users in AD with their surname (sn) and first name (givenName) using DirectorySearcher in .NET.
I can find a user based on sAMAccountname with this code:
DirectorySearcher searcher1 = new DirectorySearcher(entry);
searcher1.Filter = string.Format("(&(objectCategory=person)(objectClass=user)(SAMAccountname={0}))",aLogin);
SearchResult results1;
results1 = searcher1.FindOne();
But when I try to do it with givenName and sn:
DirectorySearcher searcher1 = new DirectorySearcher(entry);
searcher1.Filter = string.Format("(&(objectCategory=person)(objectClass=user)(givenname={0})(sn={1})", aName, aSName);
SearchResultCollection results1;
results1 = searcher1.FindAll();
It doesn't work; the message says "Invalid Filter";
Can I not filter based on givenName and sn?
How can I achieve this?
441
The Get-ADUser cmdlet gets a specified user object or performs a search to get multiple user objects. The Identity parameter specifies the Active Directory user to get. You can identify a user by its distinguished name (DN), GUID, security identifier (SID), or Security Account Manager (SAM) account name.
Using Get-ADGroupMember in Powershell This command-let returns a list of Active Directory group members. Users, groups, and machines can all be members. Simply type the cmdlet in a PowerShell window and you'll be prompted to input the group name.
In Active Directory (AD), the display names of AD users can be obtained using the Get-ADUser cmdlet .
They must be different, they cannot be the same.
If you're using .NET 3.5 or newer, you could also make use of the PrincipalSearcher and a "query-by-example" principal to do your searching:
// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// define a "query-by-example" principal - here, we search for a UserPrincipal
// and with the first name (GivenName) of "Bruce" and a last name (Surname) of "Miller"
UserPrincipal qbeUser = new UserPrincipal(ctx);
qbeUser.GivenName = "Bruce";
qbeUser.Surname = "Miller";
// create your principal searcher passing in the QBE principal
PrincipalSearcher srch = new PrincipalSearcher(qbeUser);
// find all matches
foreach(var found in srch.FindAll())
{
// do whatever here - "found" is of type "Principal" - it could be user, group, computer.....
}
If you haven't already - absolutely read the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 which shows nicely how to make the best use of the new features in System.DirectoryServices.AccountManagement. Or see the MSDN documentation on the System.DirectoryServices.AccountManagement namespace.
Of course, depending on your need, you might want to specify other properties on that "query-by-example" user principal you create:
DisplayName (typically: first name + space + last name)SAM Account Name - your Windows/AD account nameUser Principal Name - your "[email protected]" style nameYou can specify any of the properties on the UserPrincipal and use those as "query-by-example" for your PrincipalSearcher.
177
You're missing a closing parentheses in your filter. Try:
searcher1.Filter = string.Format("(&(objectCategory=person)(objectClass=user)(givenname={0})(sn={1}))", aName, aSName);
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
