Julien Pinquié

ASP.NET, C#, SQL Server

How to get domain user information from Active Directory in C#

First, we have to know the user connection name (here from an ASP.NET page).

string principal = this.Context.User.Identity.Name;


Then we have to define some stuff :

  • search filter including object type and connection name,
  • domain,
  • properties to retrieve from Active Directory. 
string filter = string.Format("(&(ObjectClass={0})(sAMAccountName={1}))", "person", principal);
string domain = "DOMAIN";
string[] properties = new string[] { "fullname" };


To search in Active Directory, we need the following objects :

  • DirectoryEntry : represents a node or object in the Active Directory hierarchy,
  • DirectorySearcher : performs queries against Active Directory Domain Services. 
DirectoryEntry adRoot = new DirectoryEntry("LDAP://" + domain, null, null, AuthenticationTypes.Secure);
DirectorySearcher searcher = new DirectorySearcher(adRoot);
searcher.SearchScope = SearchScope.Subtree;
searcher.ReferralChasing = ReferralChasingOption.All;
searcher.PropertiesToLoad.AddRange(properties);
searcher.Filter = filter;
 
SearchResult result = searcher.FindOne();
DirectoryEntry directoryEntry = result.GetDirectoryEntry();


Finally, once information is retrieved in the DirectoryEntry object, we can get the details of each property defined.

string displayName = directoryEntry.Properties["displayName"][0].ToString();
string firstName = directoryEntry.Properties["givenName"][0].ToString();
string lastName = directoryEntry.Properties["sn"][0].ToString();
string email = directoryEntry.Properties["mail"][0].ToString();
Posted: Feb 06 2008, 12:07 PM by jpinquie | with 7 comment(s)
Filed under: ,

Comments

Justin-Josef Angel [MVP] said:

OK, And?

This is basically just a copy & paste of some code. You never even tried to explain what "Context" is, what "User" is, and what "Identity" is.

Additionally, You just wrote some LDAP query without even so much as noting it.

What's the added value of this post?

# February 7, 2008 1:20 AM

wisperwind said:

Hi Justin,

Don't be so strictly, no matter this article is copied or not, it really helps.

In the first line "here from an ASP.NET page" alreay tells you this code is under a class which inherits System.Web.UI.Page, is there any more explaination needed? If you don't understand what they are, why not read MSDN?

# March 2, 2008 9:02 PM

Johan said:

Well it worked for me, hence a proof that it actually was useful. I needed a quick hack to access basic info on the current logged on user for our intranet and it worked just fine!

# March 10, 2008 9:55 AM

Sruthi said:

iam trying to code some application in C++ which will output all existing users(no.of users,their profiles etc...). If anyone can help plz...

# April 17, 2008 1:05 AM

kris said:

Thank you. this was really helpfull. Apreciate it!

# April 30, 2008 6:21 AM

Brian said:

HI, does anyone know how to do this in Javascript?

# July 15, 2008 2:01 PM

Noob said:

is there an AD property for what user groups a user is part of?

# August 12, 2008 3:41 PM
Leave a Comment

(required) 

(required) 

(optional)

(required)