
search by samaccountname with wildcards

I have this code:

    public static DataTable ExecutesAMAccountNameQuery(string sAMAccountName)
    {
        string filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + sAMAccountName + "))";
        return ExecuteADQuery("GC:", filter);
    }

It only works with the full username. I don't know the syntax to make it work with wildcards, like a LIKE in SQL?

Thanks

Luis Valencia asked Mar 09 '12 13:03


People also ask

Can you use wildcards in Active Directory search?

Active Directory Wildcard Searches with PowerShell. You can literally use wildcards ("*") in your LDAP filters. You just don't need that with ANR as they are inherently wildcard searches.

How do I use a wildcard on ADUC?

I do not often dabble in Active Directory, but today I learned something useful. Namely how to search for AD-groups and users using wildcard. A bit basic, indeed, but you learn something new every day. =) Simply go to search > Advanced > Field > Group > Name and “is (exactly)” and then use * for wild card.


1 Answer

If you're using .NET 3.5 or newer, you can use a PrincipalSearcher and a "query-by-example" principal to do your searching:

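// requires a reference to the System.DirectoryServices.AccountManagement assembly
using System.DirectoryServices.AccountManagement;

// create your domain context (defaults to the domain of the current user)
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);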

// define a "query-by-example" principal - here, we search for a UserPrincipal 
UserPrincipal qbeUser = new UserPrincipal(ctx);
qbeUser.SamAccountName = "Esteban*";

// create your principal searcher passing in the QBE principal    
PrincipalSearcher srch = new PrincipalSearcher(qbeUser);

// find all matches
foreach(var found in srch.FindAll())
{
    // do whatever here - "found" is of type "Principal" - it could be user, group, computer.....          
}

If you haven't already - absolutely read the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 which shows nicely how to make the best use of the new features in System.DirectoryServices.AccountManagement. Or see the MSDN documentation on the System.DirectoryServices.AccountManagement namespace.

Of course, depending on your need, you might want to specify other properties on that "query-by-example" user principal you create:

  • DisplayName (typically: first name + space + last name)
  • SAM Account Name - your Windows/AD account name
  • User Principal Name - your "[email protected]" style name

You can specify any of the properties on the UserPrincipal and use those as "query-by-example" for your PrincipalSearcher.

marc_s answered Sep 17 '22 13:09