访问Active Directory以在asp.net中获得用户管理器

Question

I am making a user management module of an application that will basically authenticate user credentials based on their domain login details. Authenticating is not a problem, what is a problem is that I need to get that particular user's manager.

I am using the following method to retrieve the "Manager" property of the user:

DirectoryEntry de = new DirectoryEntry(path, user, pass, AuthenticationTypes.Secure);
DirectorySearcher ds = new DirectorySearcher();
ds.SearchRoot = new DirectoryEntry("LDAP://xyzDomain", "UserName", "pwd");
ds.Filter = "(|(&(objectCategory=person)(objectClass=user)(mailnickname=*domainalias*)))";
//ds.PropertyNamesOnly = true;
ds.PropertiesToLoad.Add("manager");

List<string> users = new List<string>();
string s = "undefined";

foreach (SearchResult sr in ds.FindAll())
{
    DirectoryEntry dee = sr.GetDirectoryEntry();
    s = (string)dee.Properties[""].Value ?? "<undefined>";                    
    users.Add(s);
}

This returns me the Manager details in such a way:

CN=First LastName,OU=Managers,OU=Engineering,OU=Central,OU=Something,DC=XYZ,DC=XYZ,DC=XYZRE

What I do is use string manipulation to extract the CN and then run the query on that CN to find the details of the manager. However the problem is that CN here isn't unique. There could be two or more people of the same name. What I basically need is a method that returns me the Manager ALIAS of the user (not the CN or anything).

Please any help is this would be highly appreciated. Open to suggestions. Many thanks

Answer 1

There is a field called mailNickname .

This link: In active directory, what is mailNickname used for? has more information about it. The problem is: it's used for the Exchange-server.

So that means the value can be null or empty. Here's an example in Visual Basic: http://www.vbforums.com/showthread.php?615131-RESOLVED-Get-logged-in-user-s-Alias-from-LDAP which explains how and what.