How do I set the Manager Attribute on the UserPrincipal object in Active Directory in C#

Question

I am trying to set the attribute Manager on an object of type UserPrincipal documented here:

http://msdn.microsoft.com/en-us/library/windows/desktop/ms680857(v=vs.85).aspx

but cannot simply say

UserPrincipal.Manager = "some value" 

Can someone please explain to me how this works? Thanks!

Answer 1

The basic UserPrincipal in the S.DS.AM namespace does not feature that attribute - but you can extend the user principal class and add additional attributes that you need.

Read more about it here:

Managing Directory Security Principals in the .NET Framework 3.5
(there's a section on extensibility towards the end of the article)

Here's the code:

[DirectoryRdnPrefix("CN")]
[DirectoryObjectClass("Person")]
public class UserPrincipalEx : UserPrincipal
{
    // Inplement the constructor using the base class constructor. 
    public UserPrincipalEx(PrincipalContext context) : base(context)
    { }

    // Implement the constructor with initialization parameters.    
    public UserPrincipalEx(PrincipalContext context,
                         string samAccountName,
                         string password,
                         bool enabled) : base(context, samAccountName, password, enabled)
    {} 

    // Create the "Manager" property.    
    [DirectoryProperty("manager")]
    public string Manager
    {
        get
        {
            if (ExtensionGet("manager").Length != 1)
                return string.Empty;

            return (string)ExtensionGet("manager")[0];
        }
        set { ExtensionSet("manager", value); }
    }

    // Implement the overloaded search method FindByIdentity.
    public static new UserPrincipalEx FindByIdentity(PrincipalContext context, string identityValue)
    {
        return (UserPrincipalEx)FindByIdentityWithType(context, typeof(UserPrincipalEx), identityValue);
    }

    // Implement the overloaded search method FindByIdentity. 
    public static new UserPrincipalEx FindByIdentity(PrincipalContext context, IdentityType identityType, string identityValue)
    {
        return (UserPrincipalEx)FindByIdentityWithType(context, typeof(UserPrincipalEx), identityType, identityValue);
    }
}

Now you can find and work with a UserPrincipalEx class which has the .Manager property for you to use:

UserPrincipalEx userEx = UserPrincipalEx.FindByIdentity(ctx, "YourUserName");

// the .Manager property contains the DN (distinguished name) for the manager of this user
var yourManager = userEx.Manager;

Answer 2

I love the example but totally get where the RatBoyStl is coming from. Sometimes you just want a value and not a new class.

If you have a UserPrinciple object for a given user then you can easily retrieve the manager property with this code. I took it a step futher and used the manager value to find their UserPrinciple and display the email address.

            //set the principal context to the users domain
        PrincipalContext pc = new PrincipalContext(ContextType.Domain, userDomain);

        //lookup the user id on the domain
        UserPrincipal up = UserPrincipal.FindByIdentity(pc, userId);
        if (up == null)
        {
            Console.WriteLine(string.Format("AD USER NOT FOUND {0}", userGc));
            return;

        }

        //grab the info we need from the domain
        Console.WriteLine(up.ToString());

        DirectoryEntry d = up.GetUnderlyingObject() as DirectoryEntry;
        string managerCN = d.Properties["manager"].Value.ToString(); 
        Console.WriteLine(managerCN);

        UserPrincipal manager = UserPrincipal.FindByIdentity(pc, managerCN);
        Console.WriteLine(manager.EmailAddress);