Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>You should try breaking this into separate parts, so it's easier to manage the logic, and easier to locate where your errors are occurring. I usually go with the following approach in this situation :</p> <ul> <li>Create an <code>LdapConnection</code> object so you can set the options you need</li> <li>Setup a <code>NetworkCredential</code> instance with an administrative username and password </li> <li>Bind to the directory with the user so you can issue a direct LDAP query</li> <li>Return a <code>SearchResultEntry</code> so you can process the properties</li> </ul> <p>You have a few options to help you accomplish this, but I'd try something like this :</p> <pre><code>//Delcare your Network Credential with the administrative Username, Password, and your active directory domain var credentials = new NetworkCredential(userName, password, domain); //Create a directory identifier and connection, var ldapidentifier = new LdapDirectoryIdentifier(serverName, port, false, false); var ldapconn = new LdapConnection(ldapidentifier, credentials); </code></pre> <p>Next, make sure you're setting the right <code>AuthType</code> for your particular instance. Since you're connecting over port 389, just use <code>AuthType.Basic</code>.</p> <pre><code>ldapconn.AuthType = AuthType.Basic; </code></pre> <p>As you had asked, there is a very easy way to setup a direct LDAP query using this approach. I'm assuming you're searching by <code>sAMAccountName</code>, but you can modify this as needed :</p> <pre><code>string ldapFilter = "(&amp;(objectCategory=person)(objectClass=user)(&amp;(sAMAccountName={{UserYouAreTryingToFind}})))"; </code></pre> <p>Now we just have to setup the search request, and send it accordingly :</p> <pre><code>//Send the search request with our delimited attribute list var getUserRequest = new SearchRequest(domain, ldapFilter, SearchScope.Subtree, AttributeList) {SizeLimit = 1}; //Suppress any refferal creation from happening during the search var SearchControl = new SearchOptionsControl(SearchOption.DomainScope); getUserRequest.Controls.Add(SearchControl); var userResponse = (SearchResponse)ldapconn.SendRequest(getUserRequest); //This is where I load up the entry I've located, SearchResultEntry ResultEntry = userResponse.Entries[0]; </code></pre> <p>That should return the user you've queried for, along with any properties you've put into <code>AttributeList</code>. In this context, <code>AttributeList</code> is just a string array (<code>string[]</code>) of property names - in your case you'll want to add one called "objectGUID".</p> <p>As for reading the properties on the <code>SearchResultEntry</code>, you can do exactly what you had originally :</p> <pre><code> if(ResultEntry.Attributes.Contains("objectGUID")) { // do some stuff here } </code></pre> <p>That should help get you going in the right direction. </p> <p>Also, if you don't already have a copy of <a href="http://www.wireshark.org/" rel="nofollow" title="wireshark">wireshark</a>, I highly suggest you download it - it will be invaluable in diagnosing connection issues with active directory.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload