
How can I search Active Directory by username using C#?

I'm trying to search Active Directory by the username 'admin'. I know for a fact that there is a user with that username in the directory, but the search keeps coming back with nothing.

var attributeName = "userPrincipalName";
var searchString = "admin";
var ent = new DirectoryEntry("LDAP://dc=corp,dc=contoso,dc=com");
var mySearcher = new DirectorySearcher(ent);
mySearcher.Filter = string.Format("(&(objectClass=user)({0}={1}))", attributeName, searchString);

var userResult = mySearcher.FindOne();

userResult always ends up null. I would love to know why, there must be something that I'm missing.

If you're on .NET 3.5 and up, you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:

Basically, you can define a domain context and easily find users and/or groups in AD:

// set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, "admin");

if(user != null)
{
   // do something here....     
}

With this code, you'll be searching for that user by the following attributes:

  • DistinguishedName : The identity is a Distinguished Name (DN).
  • Guid : The identity is a Globally Unique Identifier (GUID).
  • Name : The identity is a name.
  • SamAccountName : The identity is a Security Account Manager (SAM) name.
  • Sid : The identity is a Security Identifier (SID) in Security Descriptor Definition Language (SDDL) format.
  • UserPrincipalName : The identity is a User Principal Name (UPN).

The new S.DS.AM makes it really easy to play around with users and groups in AD!

This should work:

private void showUsers(string pUserName)
    {
        string uid = Properties.Settings.Default.uid;
        string pwd = Properties.Settings.Default.pwd;
        using (var context = new PrincipalContext(ContextType.Domain, "YOURDOMAIN", uid, pwd))
        {
            using (UserPrincipal user = new UserPrincipal(context))
            {
                user.SamAccountName = pUserName;
                using (var searcher = new PrincipalSearcher(user))
                {
                    foreach (var result in searcher.FindAll())
                    {
                        DirectoryEntry de = result.GetUnderlyingObject() as DirectoryEntry;
                        Console.WriteLine("First Name: " + de.Properties["givenName"].Value);
                        Console.WriteLine("Last Name : " + de.Properties["sn"].Value);
                        Console.WriteLine("SAM account name   : " + de.Properties["samAccountName"].Value);
                        Console.WriteLine("User principal name: " + de.Properties["userPrincipalName"].Value);
                        Console.WriteLine("Mail: " + de.Properties["mail"].Value);

                        PrincipalSearchResult<Principal> groups = result.GetGroups();

                        foreach (Principal item in groups)
                        {
                            Console.WriteLine("Groups: {0}: {1}", item.DisplayName, item.Name);
                        }
                        Console.WriteLine();
                    }
                }
            }
        }
        Console.WriteLine("End");
        Console.ReadLine();
    }

If you want to stick to DirectorySearcher, try searching by cn or samaccountname instead:

var attributeName = "cn";
var searchString = "admin";
var ent = new DirectoryEntry("LDAP://dc=corp,dc=contoso,dc=com");
var mySearcher = new DirectorySearcher(ent);
mySearcher.Filter = string.Format("(&(objectcategory=user)({0}={1}))", attributeName, searchString);

var userResult = mySearcher.FindOne();

It turns out that "userPrincipalName" needed to be all lower-case ("userprincipalname"). Good to know, thanks for your responses.

var attributeName = "userPrincipalName";
var searchString = "admin";

You need to change the filter like this:

// Exclude trust accounts (sAMAccountType 805306370) and match the chosen attribute.
string filter = string.Format("(&(objectCategory=person)(objectClass=user)(!(sAMAccountType=805306370))({0}={1}))", attributeName, searchString);

var ent = new DirectoryEntry("LDAP://dc=corp,dc=contoso,dc=com");
var mySearcher = new DirectorySearcher(ent);
mySearcher.Filter = filter;

var userResult = mySearcher.FindOne();
