[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

c# Search AD for user account only knowing a section of it! Help!

Posted on 2010-08-13
6
Medium Priority
?
420 Views
Last Modified: 2012-05-10
Hey all again. Another Active Directory c# problem. See th pattern? lol.

Ok, now out student accounts contain whats known as a MISID, I need to search the AD looking for any account with reference to this in the CN. for example,

SC10333333

My MISID would be 333333, now i know the user would be SC10333333, but they may also be SC093333, SC083333 etc.. So i just want to search by the MISID.

How can this be done, I have tried the following but it doesn't work:


/// <summary>
        /// Check for the existence of an Object
        /// </summary>
        /// <param name="objectPath"></param>
        /// <returns>True or False</returns>
        public static bool Object_Exists(string CN=*333333,OU=this,OU=that,DC=domain,DC=local)
        {
            bool found = false;
            if (DirectoryEntry.Exists("LDAP://" + objectPath))
            {
                found = true;
            }
            return found;
        }

Open in new window

0
Comment
Question by:KazooSoft
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 5

Expert Comment

by:JayFromPep
ID: 33429941
It wont work because it is a string, and therefore the '*' is taken literally.

What you can do is create a for loop, creating the CN string in iterations.

IE
public foo(string MISID)
      {
        int i;
        string cn;
        for (i = 0; i <= 10; i++)
        {
            cn = Convert.ToString(i) + MISID;
        }
        return cn;
      }

Use this return value in your logic to do the search.  That way it iterates through until you find one that matches, then jumps on to the next proc.
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 33430483

You wouldn't be better setting up a search? That would allow you to use the wildcard.

Chris
0
 
LVL 5

Expert Comment

by:JayFromPep
ID: 33430677
Not sure.  Sounds like a good option.  What would your approach be Chris?
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 33430764

I'd want to limit connections to the directory if the number of accounts it has to look at is unknown. I'd probably try something along these lines.

Although it's always possible there's a better way :)

Chris
public static bool Object_Exists(string SearchRoot, string LdapFilter) 
{
  // Test values
  // String LdapFilter = "(name=*333333)";
  // DirectoryEntry SearchRoot = new DirectoryEntry("LDAP://OU=this,OU=that,DC=domain,DC=local");

  DirectoryEntry SearchRoot = new DirectoryEntry("LDAP://" + SearchRoot);
  DirectorySearcher Searcher = new DirectorySearcher(SearchRoot, LdapFilter);
  Searcher.SearchScope = SearchScope.OneLevel

  SearchResultCollection Results = Searcher.FindAll();

  If (Results.Count > 0) {
    return true;
  }
  return false;
}

Open in new window

0
 
LVL 5

Expert Comment

by:JayFromPep
ID: 33430866
Chris,

Let me start by saying 'Duh'.....should have thought it through mo' betta.

I like it.  I think at the end to make the results work for the poster, you would have to return something to work with other than a bool.  Probably an array of some sort that has the items in it.
That array could then be itterated through to find the information of interest.

nice job.
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 33430901

Yeah, definitely, I only went for bool in the return to replicate the intention of the original. I'd probably have it return a small number of properties in the SearchResultCollection for use outside the method.

Chris
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question