• 0

.NET & Windows Active Directory

Asked by donchen,

 Share

Question

29 answers to this question

Recommended Posts

  • 0
Mentor

donchen

Posted
  • Author
Posted

Sorry guys,

I'm just a little confused. Do i need to use LDAP (which i don't really know what after reading about it in Wiki) ? Or ADSI ?

Please correct me if i am wrong. ADSI is Active Directory Service Interface. Basically what it does is it forms a bridge for programmers like us to communicate with the Active Directory.. Am i right or I am totally screwed ? Haha ?

Don

  • 0
Grand Master

Kami-

Posted
Posted

Lightweight Directory Access Protocol (LDAP): It is a protocol for accessing information directories such as organizations, individuals, phone numbers, and addresses. It is based on the X.500 directory protocols, but it is simpler, and unlike X.500, it supports TCP/IP for Internet usage. The standards are specified in RFC 1777.

  • 0
Proficient

Sartoris

Posted
Posted

Quick sample:

This code will return a list of all users in active directory.

Make sure you add this to your class:

using System.DirectoryServices;

System.Text.StringBuilder sb = new System.Text.StringBuilder();

DirectoryEntry rootEntry = new DirectoryEntry();
rootEntry.Path = "LDAP://example.com/DC=example,DC=com";
rootEntry.Username = "{admin account}";
rootEntry.Password = "{admin password}";
rootEntry.AuthenticationType = AuthenticationTypes.Secure;

DirectorySearcher dirSearcher = new DirectorySearcher(rootEntry);
dirSearcher.Filter = "(&(objectCategory=Person)(objectClass=user))";
dirSearcher.PropertiesToLoad.Add("sAMAccountName");

SearchResultCollection resultsColl = dirSearcher.FindAll();
foreach (SearchResult result in resultsColl)
{
	if (result.Properties.Contains("sAMAccountName"))
	{
		string account = (string)result.Properties["sAMAccountName"][0];		
		sb.AppendLine(account);
	}
}

// your user account list, saved in a string
string userAccounts = sb.ToString();

You would replace example.com with your domain and replace the {admin account} and {admin password} with the user credentials of a user that has access to read active directory (ie: a domain admin).

  • 0
Proficient

Sartoris

Posted
Posted
Just a quick question,

if (result.Properties.Contains("sAMAccountName"))

Why are you checking if the results contains sAMAccountName?

Sorry if thats a silly question

If there is a null value in a result, then you will get an error if you try to assign it to a variable. It is just a safety precaution.

  • 0
Mentor

donchen

Posted
  • Author
Posted

Oh, i guess i got the whole idea wrong.

To have a Windows Active Directory, I need a Windows Server to be running right ? And the IP that is assigned to the Windows Server will be the domain name ?

And the windows Active directory gives the admin 1 control point to control all the computers that are connected to the windows server

Is my concept right now ?

  • 0
Proficient

Sartoris

Posted
Posted

http://en.wikipedia.org/wiki/Active_Directory

Sort of.

One (or several mirrored) domain server controls user access to all computers connected to the domain.

We have two domain controllers and about 250 computers under active directory.

http://www.microsoft.com/downloads/details...;DisplayLang=en

This includes the active directory tools.

  • 0
Grand Master

Antaris Veteran

Posted
  • Veteran
Posted
Is everything in the AD retrievable ? Or some are not ? Example like the password ?

I believe the user's password is stored as a hash, so really its only used for validation, no retrieval.

It might also depend on how you connect to the directory, anonymously, or via authentication?

  • 0
Grand Master

Kami-

Posted
Posted
But for my case, even if it is stored as a hash, I am still interested in retrieving it so will I still be able to get the information ?

Given that I am logged in via authentication as the highest priviledged user.

I don't think you can retrieve it, however I know that you can alter it :)

  • 0
Mentor

donchen

Posted
  • Author
Posted (edited)

Hmn... alright. Thanks guys!

I'm giving a shot using JAVA instead of .NET reason being i am more familiar with JAVA.

The site that Sartoris gave me was very USEFUL (TYPO SORRY!). They use an external lib call jldap. Anyone uses that can share their knowledge ?

Edited by donchen
This topic is now closed to further replies.
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.