I haven't worked with LDAP before, so I am a bit lost. I need to connect to an LDAP source, find a specific attribute and change it. The input for the program is a CSV file with a list of users. The program is supposed to read the UID from the CSV file, find the record in the LDAP and replace a certain attribute. I haven't a clue how to do this. Could anyone point me in the right direction please?
An LDAP query consists of the following major elements: Search DN - An LDAP directory is organized as a tree structure, with a root node and a number of branches off this root. The Search DN specifies at which node the search originates. Entries greater than this level in the tree are searched.
LDAP is used to search Active Directory for information about users, computers, and groups within your Active Directory database. LDAP queries can be run from multiple different tools, including PowerShell, ldapsearch, VB scripts, and the saved queries feature in Active Directory Users and Computers.
Run the ldapsearch command with the --typesOnly option.

    $ ldapsearch --hostname localhost --port 1389 \
      --baseDN "dc=example,dc=com" --typesOnly "(objectclass=*)"
    dn: dc=example,dc=com
    objectClass
    dc

    dn: ou=Groups,dc=example,dc=com
    objectClass
    ou
    ...
@KenL Almost got me there. I also had to set the AuthenticationType of the DirectoryEntry to get it to work. Also, pay attention to how you are using wildcards (Kleene Stars).
    using System;
    using System.DirectoryServices;

    // searchString is the caller's search term. Escape LDAP filter
    // metacharacters (RFC 4515) in it before it is formatted into the filter.
    DirectoryEntry rootEntry = new DirectoryEntry("LDAP://some.ldap.server.com");
    // None means a simple bind: credentials are only protected if the connection itself is encrypted.
    rootEntry.AuthenticationType = AuthenticationTypes.None; // Or whatever it needs to be
    DirectorySearcher searcher = new DirectorySearcher(rootEntry);
    var queryFormat = "(&(objectClass=user)(objectCategory=person)(|(SAMAccountName=*{0}*)(cn=*{0}*)(gn=*{0}*)(sn=*{0}*)(email=*{0}*)))";
    searcher.Filter = string.Format(queryFormat, searchString);
    foreach (SearchResult result in searcher.FindAll())
    {
        // A property may be absent from a result, so check Count before indexing.
        Console.WriteLine("account name: {0}", result.Properties["samaccountname"].Count > 0 ? result.Properties["samaccountname"][0] : string.Empty);
        Console.WriteLine("common name: {0}", result.Properties["cn"].Count > 0 ? result.Properties["cn"][0] : string.Empty);
    }
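The filter in the answer above formats searchString straight into the LDAP filter, so a value containing *, (, ) or \ changes what the filter matches. The following is an added example, not part of the original answer, that escapes the value per RFC 4515 before formatting; the class and method names are hypothetical and the sample inputs are constructed.

```csharp
using System;
using System.Text;

static class LdapFilter
{
    // RFC 4515 section 3: these characters must be written as \XX (hex)
    // when they appear inside an assertion value.
    public static string EscapeValue(string value)
    {
        var sb = new StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Same filter shape as the answer above; {0} only ever receives an escaped value,
    // so the wildcards in the filter are the ones written here and nothing else.
    const string QueryFormat =
        "(&(objectClass=user)(objectCategory=person)" +
        "(|(SAMAccountName=*{0}*)(cn=*{0}*)(gn=*{0}*)(sn=*{0}*)(email=*{0}*)))";

    public static string BuildUserFilter(string searchString)
    {
        if (string.IsNullOrWhiteSpace(searchString))
            throw new ArgumentException("search string must not be empty", nameof(searchString));
        return string.Format(QueryFormat, EscapeValue(searchString));
    }

    static void Main()
    {
        // Constructed sample inputs, e.g. values read from a CSV column.
        foreach (var input in new[] { "jsmith", "Smith (Ops)", "a*b\\c" })
            Console.WriteLine("{0,-12} -> {1}", input, BuildUserFilter(input));
    }
}
```

The result of BuildUserFilter can be assigned to searcher.Filter in place of the string.Format call.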
First element of response: using ADSI (old-fashioned).
How to do Almost everything (with ADSI) on Active Directory with C#
Second element of response: beginning with .NET 3.5, Microsoft introduced 'Principal' and 'AccountManagement'.
How to do Almost everything (with AccountManagement) on Active Directory with C#
Third element of response: you can use the low-level (native LDAP) protocol with System.DirectoryServices.Protocols (S.DS.P).
Remark: If you are interested in how to interrogate Active Directory from native code, you may have a look at the LDAP C-Binding API as described in RFC 1823. Microsoft supports it; see MS Strategy for Lightweight Directory Access Protocol (LDAP). You'll find the usage and reference manuals of the Microsoft API in Lightweight Directory Access Protocol.