Active directory using .NET DirectoryServices

Posted by Richard.Kelters on 19-Jul-2013 02:13

Has anyone successfully used System.DirectoryServices to query Active Directory and is willing to share information to give me a clue as to where to begin?

Richard

All Replies

Posted by Admin on 19-Jul-2013 10:33

What exactly do you want to query?

Posted by Richard.Kelters on 19-Jul-2013 14:18

Specifically, the currently logged-in Windows user, email address (I read some C# sample getting the SMTP mail address, that's what I need) and location (specifically for the company, I was assured this attribute is available once I understood AD).

Richard

Posted by Admin on 19-Jul-2013 15:33

A bit simplified, but should get you started....

We have most of this in libraries, so I copied something together so that it works.

A list of the property names is here: http://www.selfadsi.de/user-attributes.htm

    /* *************************** Definitions ************************** */

    USING System.Collections.* FROM ASSEMBLY .
    USING System.DirectoryServices.* FROM ASSEMBLY .

    DEFINE VARIABLE oEntry AS DirectoryEntry NO-UNDO .
    DEFINE VARIABLE cName AS CHARACTER NO-UNDO.
    DEFINE VARIABLE cGroups AS CHARACTER NO-UNDO.

    /* *************************** Main Block *************************** */

    FUNCTION GetObjectDistinguishedName RETURNS CHARACTER (cObjectName AS CHARACTER,
                                                           cLdapDomain AS CHARACTER) FORWARD .

    cName = GetObjectDistinguishedName
                (ENTRY (2, System.Security.Principal.WindowsIdentity:GetCurrent():Name, "\":U),
                 ENTRY (1, System.Security.Principal.WindowsIdentity:GetCurrent():Name, "\":U)) .

    oEntry = NEW DirectoryEntry (cName) .

    MESSAGE cName SKIP (1)
            UNBOX (oEntry:Properties["mail":U]:Item[0]) SKIP
            UNBOX (oEntry:Properties["displayName":U]:Item[0]) SKIP
        VIEW-AS ALERT-BOX.

/*

Posted by Richard.Kelters on 19-Jul-2013 15:49

Thanks Mike. Monday I'm in an AD environment and will have a go at it, now I'm going to enjoy the weekend! See ya.

Message was edited by: Richard Kelters

This is how I solved it. Using a DirectorySearcher to provide the complete LDAP path.

    DEFINE VARIABLE oADContext      AS System.DirectoryServices.ActiveDirectory.DirectoryContext.
    DEFINE VARIABLE oDirectoryEntry AS System.DirectoryServices.DirectoryEntry.
    DEFINE VARIABLE oSearch         AS System.DirectoryServices.DirectorySearcher.
    DEFINE VARIABLE oResult         AS System.DirectoryServices.SearchResult.
    DEFINE VARIABLE oenum#          AS System.Collections.IEnumerator.
    DEFINE VARIABLE iCount          AS INTEGER     NO-UNDO.
    DEFINE VARIABLE iItem           AS INTEGER     NO-UNDO.
    DEFINE VARIABLE cUserName#      AS CHARACTER   NO-UNDO.
    DEFINE VARIABLE cPath#          AS CHARACTER   NO-UNDO.
    DEFINE VARIABLE cEmail          AS CHARACTER   NO-UNDO.

    oADContext      = NEW System.DirectoryServices.ActiveDirectory.DirectoryContext(System.DirectoryServices.ActiveDirectory.DirectoryContextType:Domain).
    oDirectoryEntry = System.DirectoryServices.ActiveDirectory.Domain:GetDomain(oADContext):GetDirectoryEntry().
    cUserName#      = ENTRY(2,System.Security.Principal.WindowsIdentity:GetCurrent():NAME,"\").
    oSearch         = NEW System.DirectoryServices.DirectorySearcher(oDirectoryEntry,SUBSTITUTE("(&&(objectClass=user)(sAMAccountName=&1))",cUserName#)).
    oResult         = oSearch:FindOne().

    /* now I've got the complete LDAP path of the Windows user */
    oDirectoryEntry = NEW System.DirectoryServices.DirectoryEntry(oResult:path).
    oenum#          =  oDirectoryEntry:Properties:GetEnumerator().

    /* a simple output of props, only 1 level deep and no object or byte[] conversions */
    OUTPUT TO value(SUBSTITUTE("c:\temp\ADproperties_&1.txt",cUserName#)).
    DO WHILE oenum#:MoveNext():
        PUT UNFORMATTED
            CAST(oenum#:CURRENT,System.DirectoryServices.PropertyValueCollection):PropertyName FORMAT "x(40)"
            CAST(oenum#:CURRENT,System.DirectoryServices.PropertyValueCollection):VALUE FORMAT "x(140)"
            SKIP.
    END.
    OUTPUT CLOSE.

    /* get smtp according to  http://lozanotek.com/blog/articles/149.aspx */
    iCount =  oDirectoryEntry:Properties["proxyaddresses":U]:COUNT.
    DO iItem = 0 TO iCount - 1:
        IF UNBOX(oDirectoryEntry:Properties["proxyaddresses":U]:ITEM[iItem]) BEGINS "smtp:"
        THEN     DO:
            cEmail = ENTRY(2,UNBOX(oDirectoryEntry:Properties["proxyaddresses":U]:ITEM[iItem]),":").
            LEAVE.
        END.
    END.

    MESSAGE
        "ActiveDirectory path:   " SKIP
        oDirectoryEntry:Path SKIP (2)
        "Logon name:      " cUserName# SKIP
        "NETbios name:     " System.Security.Principal.WindowsIdentity:GetCurrent():NAME SKIP
        "Authenticated:    " System.Security.Principal.WindowsIdentity:GetCurrent():IsAuthenticated SKIP
        "User Identity:    " System.Security.Principal.WindowsIdentity:GetCurrent():USER:VALUE SKIP  SKIP
        "Displayname:      "  UNBOX (oDirectoryEntry:Properties["displayName":U]:Item[0]) SKIP
        "Email (smtp):       "  cEmail SKIP
        "Email:           "  UNBOX (oDirectoryEntry:Properties["mail":U]:Item[0])
        VIEW-AS ALERT-BOX INFO BUTTONS OK.

    RETURN.
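Two details of the search-based code in the post above, worked through in Python so they run without a directory (an added example, not code from the thread): the account name is escaped per RFC 4515 before it is placed in the `(&(objectClass=user)(sAMAccountName=...))` filter, and the primary address is picked from proxyAddresses by its upper-case `SMTP:` prefix, which is how Exchange distinguishes it from lower-case `smtp:` aliases. The function names and all sample values are constructed for illustration.

```python
from typing import List, Optional

# RFC 4515 section 3: these characters must be written as \XX inside a filter value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape a string for use as an assertion value in an LDAP search filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def sam_account_name(identity_name: str) -> str:
    """Return the account part of a 'DOMAIN\\user' name; reject any other shape."""
    domain, sep, account = identity_name.partition("\\")
    if not sep or not domain or not account:
        raise ValueError(f"expected DOMAIN\\user, got {identity_name!r}")
    return account


def user_filter(account: str) -> str:
    """Build the filter used in the thread, with the account name escaped."""
    return f"(&(objectClass=user)(sAMAccountName={escape_filter_value(account)}))"


def primary_smtp(proxy_addresses: List[str]) -> Optional[str]:
    """Return the address with the upper-case 'SMTP:' prefix (the primary one).
    If none is marked primary, fall back to the first lower-case 'smtp:' alias."""
    fallback = None
    for entry in proxy_addresses:
        prefix, _, address = entry.partition(":")
        if prefix == "SMTP":
            return address
        if prefix.lower() == "smtp" and fallback is None:
            fallback = address
    return fallback


# Constructed sample values, not taken from any real directory.
SAMPLE_PROXY_ADDRESSES = [
    "smtp:j.alias@example.test",
    "X400:C=NL;A= ;P=Example;O=Exchange;S=Doe;",
    "SMTP:jdoe@example.test",
]

if __name__ == "__main__":
    print(user_filter(sam_account_name(r"EXAMPLE\jdoe")))
    print(user_filter("a*)(cn=b"))  # metacharacters stay inside one literal value
    print(primary_smtp(SAMPLE_PROXY_ADDRESSES))
```

With the sample list, a loop that stops at the first entry beginning with `smtp:` in any letter case would return the alias `j.alias@example.test` rather than the primary address.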

Posted by Richard.Kelters on 31-Jul-2013 10:41

Thanks again Mike (sorry had some trouble trying to update this discussion)

I had to solve the problem not knowing the exact LDAP path or DistinguishedName, did that by searching AD. As always it's simple when you know how. And while we're at it, we're going to use this also for single sign-on.

Richard

This thread is closed