If I set the .NET DirectoryEntry.Path to something like:
LDAP://CN=John Smith,OU=Group Name,DC=example,DC=com
Everything works great, and I get the DirectoryEntry I need. However, I don't know the user's true Common Name (CN). I only know their username, "John.Smith".
So, how can I query the username? I have tried all the following without success:
LDAP://CN=John.Smith,OU=Group Name,DC=example,DC=com
LDAP://sAMAccountName=John.Smith,OU=Group Name,DC=example,DC=com
LDAP://userPrincipalName=John.Smith,OU=Group Name,DC=example,DC=com
LDAP://[email protected],OU=Group Name,DC=example,DC=com
LDAP://uid=John.Smith,OU=Group Name,DC=example,DC=com
LDAP://o=John.Smith,OU=Group Name,DC=example,DC=com
The easiest way to search LDAP is to use ldapsearch with the “-x” option for simple authentication and specify the search base with “-b”. If you are not running the search directly on the LDAP server, you will have to specify the host with the “-H” option.
You can't just query by means of creating an LDAP string - you'll need to use code for that.
Something like:
DirectoryEntry deRoot = new DirectoryEntry("LDAP://yourserver/CN=Users,dc=YourCompany,dc=com");
DirectorySearcher dsFindUser = new DirectorySearcher(deRoot);
dsFindUser.SearchScope = SearchScope.SubTree;
dsFindUser.PropertiesToLoad.Add("sn"); // surname = last name
dsFindUser.PropertiesToLoad.Add("givenName"); // first name
dsFindUser.Filter = string.Format("(&(objectCategory=Person)(anr={0}))", yourUserName);
SearchResult rseult = dsFindUser.FindOne();
if(result != null)
{
if(result.Properties["sn"] != null)
{
string lastName = result.Properties["sn"][0].ToString();
}
if(result.Properties["givenName"] != null)
{
string lastName = result.Properties["givenName"][0].ToString();
}
}
The full MSDN documentation on the System.DirectoryServices.DirectorySearcher class can be found on MSDN - it has lots of additional properties and settings.
If you're on .NET 3.5, things have gotten quite a bit easier with a strongly-typed library of routines for handling users and groups - see this excellent MSDN article on the topic for more info.
Hope this helps
Marc
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With