Solved

c# Search AD for user account only knowing a section of it! Help!

Posted on 2010-08-13
6
416 Views
Last Modified: 2012-05-10
Hey all again. Another Active Directory c# problem. See th pattern? lol.

Ok, now out student accounts contain whats known as a MISID, I need to search the AD looking for any account with reference to this in the CN. for example,

SC10333333

My MISID would be 333333, now i know the user would be SC10333333, but they may also be SC093333, SC083333 etc.. So i just want to search by the MISID.

How can this be done, I have tried the following but it doesn't work:


/// <summary>
        /// Check for the existence of an Object
        /// </summary>
        /// <param name="objectPath"></param>
        /// <returns>True or False</returns>
        public static bool Object_Exists(string CN=*333333,OU=this,OU=that,DC=domain,DC=local)
        {
            bool found = false;
            if (DirectoryEntry.Exists("LDAP://" + objectPath))
            {
                found = true;
            }
            return found;
        }

Open in new window

0
Comment
Question by:KazooSoft
  • 3
  • 3
6 Comments
 
LVL 5

Expert Comment

by:JayFromPep
ID: 33429941
It wont work because it is a string, and therefore the '*' is taken literally.

What you can do is create a for loop, creating the CN string in iterations.

IE
public foo(string MISID)
      {
        int i;
        string cn;
        for (i = 0; i <= 10; i++)
        {
            cn = Convert.ToString(i) + MISID;
        }
        return cn;
      }

Use this return value in your logic to do the search.  That way it iterates through until you find one that matches, then jumps on to the next proc.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 33430483

You wouldn't be better setting up a search? That would allow you to use the wildcard.

Chris
0
 
LVL 5

Expert Comment

by:JayFromPep
ID: 33430677
Not sure.  Sounds like a good option.  What would your approach be Chris?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 33430764

I'd want to limit connections to the directory if the number of accounts it has to look at is unknown. I'd probably try something along these lines.

Although it's always possible there's a better way :)

Chris
public static bool Object_Exists(string SearchRoot, string LdapFilter) 
{
  // Test values
  // String LdapFilter = "(name=*333333)";
  // DirectoryEntry SearchRoot = new DirectoryEntry("LDAP://OU=this,OU=that,DC=domain,DC=local");

  DirectoryEntry SearchRoot = new DirectoryEntry("LDAP://" + SearchRoot);
  DirectorySearcher Searcher = new DirectorySearcher(SearchRoot, LdapFilter);
  Searcher.SearchScope = SearchScope.OneLevel

  SearchResultCollection Results = Searcher.FindAll();

  If (Results.Count > 0) {
    return true;
  }
  return false;
}

Open in new window

0
 
LVL 5

Expert Comment

by:JayFromPep
ID: 33430866
Chris,

Let me start by saying 'Duh'.....should have thought it through mo' betta.

I like it.  I think at the end to make the results work for the poster, you would have to return something to work with other than a bool.  Probably an array of some sort that has the items in it.
That array could then be itterated through to find the information of interest.

nice job.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 33430901

Yeah, definitely, I only went for bool in the return to replicate the intention of the original. I'd probably have it return a small number of properties in the SearchResultCollection for use outside the method.

Chris
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

766 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question