Modifying LDAP attributes using C#

Posted on 2005-03-30
Medium Priority
Last Modified: 2012-05-05
I have been working on a small application that can bind to the directory and modify an attribute.  So far I have been able to bind correctly and retrieve a Directory Entry.  But I am unable to modify an attribute.  This is not a rights issue it seems to be a coding issue and my understanding of C#.  Does someone have an example I can see to modify an attribute.  What I have tried so far is

SearchResult result = mySearcher.FindOne();
result.Properties["HomeDirectory"][0]= "bob";

Question by:darkstagg
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 20

Expert Comment

ID: 13669774
SearchResult object contains just some readonly data for you to use, not to modify. Use DirectoryEntry object from the SearchResult object and modify it, like so

DirectoryEntry de = result.GetDirectoryEntry();
de.Properties["HomeDirectory"].Value = "myHomeDirectory";

Author Comment

ID: 13672758
Im still a bit stuck on this.  Although closer thanks.  It appears now when I try to modify the object in question I am unable to because I am bound to the directory in a different way.  What I am trying to do is bind to the AD with my admin account and modify an attribute for another user.  Here is my code in general so far.

DirectoryEntry entry = new DirectoryEntry  "LDAP://domain.com","CN=admin,OU=Administrators,OU=ca,OU=is,DC=domain,DC=com","password");
      myDirectorySearcher = new DirectorySearcher("cn=bob");
      SearchResult result = myDirectorySearcher.FindOne();

      DirectoryEntry clientEntry = result.GetDirectoryEntry();

      clientEntry.Properties["homeDirectory"].Value = "bob";

When I do this it errors out and appears to be unable to access the value.  When I use the debugger I can see result contains the appropriate attributes.

Thanks again
LVL 20

Accepted Solution

ihenry earned 1050 total points
ID: 13673360
You're passing the user name "CN=admin,OU=Administrators,OU=ca,OU=is,DC=domain,DC=com" in DN format to the DirectoryEntry ctor, in order to get this to work you must use SSL binding option in the DirectoryEntry object. To avoid SSL binding you can use user name in NT format like "yourDomain\userName" or in UPN format such as "userName@yourDomain.com" .

In order to make the search to be more efficient you would need to include objectClass and objectCategory in the filter, like so:

And  try to avoid using FindOne method as it might give you serious memory leak problem in production later. You can consider using "using" statement and FindAll method as a replacement.

               using (SearchResultCollection src = myDirectorySearcher.FindAll())
                    if (src.Count > 0)
                         SearchResult sr = src[0];
                         // code continue here...

For any exception occur, post the exception stack trace here.
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.


Author Comment

ID: 13673597
My apologies for being somewhat dim on this I have a strong understanding of LDAP and you are right on adding the filter and how I should do the search.  But I am not clear on the bind process and then searching correctly for another object.  Can you give me an example of this.

Pseudo code

bind to directory with Admin account.
search for a user (not the admin user).
modify the homedirectory attribute.
commit the change to the directory.

again sorry for not fully understanding I greatly appreciate the help


Author Comment

ID: 13676862
I believe I have it now thanks so much for the help
LVL 20

Expert Comment

ID: 13849783
I believe my comments have helped the asker and put him to the right direction.

-- Henry

Featured Post

Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Ivo
C# And Nullable Types Since 2.0 C# has Nullable(T) Generic Structure. The idea behind is to allow value type objects to have null values just like reference types have. This concerns scenarios where not all data sources have values (like a databa…
Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses
Course of the Month9 days, 17 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question