Julien Pinquié

ASP.NET, C#, SQL Server, Windows Live

How to get domain user information from Active Directory in C#

First, we have to know the user connection name (here from an ASP.NET page).

string principal = this.Context.User.Identity.Name;

 


Then we have to define some stuff :

  • search filter including object type and connection name,
  • domain,
  • properties to retrieve from Active Directory. 
string filter = string.Format("(&(ObjectClass={0})(sAMAccountName={1}))", "person", principal);
string domain = "DOMAIN";
string[] properties = new string[] { "fullname" };

 


To search in Active Directory, we need the following objects :

  • DirectoryEntry : represents a node or object in the Active Directory hierarchy,
  • DirectorySearcher : performs queries against Active Directory Domain Services. 
DirectoryEntry adRoot = new DirectoryEntry("LDAP://" + domain, null, null, AuthenticationTypes.Secure);
DirectorySearcher searcher = new DirectorySearcher(adRoot);
searcher.SearchScope = SearchScope.Subtree;
searcher.ReferralChasing = ReferralChasingOption.All;
searcher.PropertiesToLoad.AddRange(properties);
searcher.Filter = filter;
 
SearchResult result = searcher.FindOne();
DirectoryEntry directoryEntry = result.GetDirectoryEntry();

 


Finally, once information is retrieved in the DirectoryEntry object, we can get the details of each property defined.

string displayName = directoryEntry.Properties["displayName"][0].ToString();
string firstName = directoryEntry.Properties["givenName"][0].ToString();
string lastName = directoryEntry.Properties["sn"][0].ToString();
string email = directoryEntry.Properties["mail"][0].ToString();
Posted: Feb 06 2008, 12:07 PM by jpinquie | with 21 comment(s) |
Filed under: ,

Comments

Justin-Josef Angel [MVP] said:

OK, And?

This is basically just a copy & paste of some code. You never even tried to explain what "Context" is, what "User" is, and what "Identity" is.

Additionally, You just wrote some LDAP query without even so much as noting it.

What's the added value of this post?

# February 7, 2008 1:20 AM

wisperwind said:

Hi Justin,

Don't be so strictly, no matter this article is copied or not, it really helps.

In the first line "here from an ASP.NET page" alreay tells you this code is under a class which inherits System.Web.UI.Page, is there any more explaination needed? If you don't understand what they are, why not read MSDN?

# March 2, 2008 9:02 PM

Johan said:

Well it worked for me, hence a proof that it actually was useful. I needed a quick hack to access basic info on the current logged on user for our intranet and it worked just fine!

# March 10, 2008 9:55 AM

Sruthi said:

iam trying to code some application in C++ which will output all existing users(no.of users,their profiles etc...). If anyone can help plz...

# April 17, 2008 1:05 AM

kris said:

Thank you. this was really helpfull. Apreciate it!

# April 30, 2008 6:21 AM

Brian said:

HI, does anyone know how to do this in Javascript?

# July 15, 2008 2:01 PM

Noob said:

is there an AD property for what user groups a user is part of?

# August 12, 2008 3:41 PM

IanR said:

Thank you!  This post got me where I needed to go in when it came to search through our gigantic directory!

# November 10, 2008 3:26 PM

eworldacademy said:

i wanna get domain

# November 18, 2008 1:56 AM

vijaykumargoud said:

I Got this Exception

Error HRESULT E_FAIL has been returned from a call to a COM component.

at the lin  SearchResult result = searcher.FindOne();

is there any configuration in WEBCONFIG

please reply me

# November 27, 2008 5:11 AM

José Maria said:

Thanks.

So userfull for me.

# January 13, 2009 7:56 AM

Len said:

Just what I was looking for. Thanks, a bit late to the party but much appreciated.

# January 21, 2009 9:20 PM

Beto said:

I keep getting an error on the line,

SearchResult result = searcher.FindOne();

It states...

COMException was unhandled by user code

The server is not operational.

Any one know what this means?

# March 10, 2009 4:26 PM

Zaky said:

This code really help, doent matter it's copy from anywhere. Its better rather than complaining

# March 25, 2009 3:26 AM

Abhi said:

Thank you guys. This worked for me. In case someone is wondering about the filter criteria then one of the example can be:

searcher.Filter = "(&(objectClass=user)(SAMAccountName=" + username + "))";

hope this helps someone.

Thanks again !!

# April 13, 2009 5:18 PM

Paúl said:

It's a so useful post...I take some code of it for an application, made some adjustments to match the enviroment and the application is in production now and work just fine...

Hey Justin-Josef Angel [MVP], If you're looking for a post to copy and paste the code...I suggest you to return to college.

Thanks for your post jpinquie.

# April 15, 2009 1:01 PM

Tr@ben said:

Thanks !

"Et un grand merci d'un etudiant Francais"

;)

# May 29, 2009 3:38 AM

Kasam said:

Really Nice Thanxxxxxxxxx

# June 3, 2009 7:16 AM

Drew said:

I implemented this code and it works great but now users on the network are randomly having to log into AD despite already logging in when they get on the computer. Any ideas?

# July 7, 2009 10:54 AM

Pankaj Chandak said:

Dear, It is really very nice...

I got valid user but I am getting null result, at below line.

SearchResult result = searcher.FindOne();

what is missing. is Form Authentication is must.

basically i am trying to get al users and theit info from active directory.

please reply.. Big TX

# August 25, 2009 2:13 AM

Geocine said:

i get this issue

Logon failure: unknown user name or bad password.

since the code uses null username and password. What am I suppose to do

# October 19, 2009 5:26 AM
Leave a Comment

(required) 

(required) 

(optional)

(required)