Solved

How to retrieve all active users from Acitve Directory thru C#

Posted on 2011-02-22
9
503 Views
Last Modified: 2012-05-11
Hi Everyone,

Already i have code for retrieve user info from AD based on the string but am trying to include new features to find the all active users in the AD.

What is the best approach i can go for it,i don't find any filter property to find active users in AD.

Please give me your suggestion.
0
Comment
Question by:Sha1395
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 8

Expert Comment

by:crysallus
ID: 34957470
This seems to answer your question, though I can't say I've tried it.

http://anandthearchitect.wordpress.com/2008/07/02/list-all-active-users-in-a-domain/

In particular, the LDAP search query for all active users provided at that link is given by:

(&(&(objectCategory=user)(userAccountControl=512)))

For disabled users, change 512 to 514.

You may wish to read that article more thoroughly than I did though to understand this better though.
0
 

Author Comment

by:Sha1395
ID: 34957728
Hi,

I was trying to retrieve the value of "userAccountControl".The reason for that is

userAccountControl= "512" for active and "514" for inactive user.

am going to use this preoperty in my filter to retrieve only Active users from AD.

when i use "userAccountControl" in my code,it doesn't return any value.please guide me,am i using the right property and name ?

Thanks in Advance


0
 
LVL 8

Expert Comment

by:crysallus
ID: 34957771
Can you post your code and I'll see if I can see anything obviously wrong.

I must confess that the information I gave you above was not something I'm familiar with, just a link that seemed to answer your question, which might have given you some helpful information, or at least a starting point from which to research more. I'm not 100% that it's correct for you.
0
Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

 

Author Comment

by:Sha1395
ID: 34957791
sure,below is my code to retrieve user info.

am trying to do two things here

1) retrieve the UserAccountControl value (ie: 512 or 514)
2) Add another function in this code,when the button clicks in the window console,am going to call this function with reference of this dll

to show the active user (user name) as a return.

//Credit goes to Dhaest

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.DirectoryServices;

namespace ActiveDir
{
    public class Employee
{
    // instance variables 
    public String name;
    public String surname;
    public string title;
    public string company;
    public string email,useraccountcontrol;
    public string mobile, telephonenumber,pager;
    public string city, state, country, postalcode;
        //   ...
    // Constructors

    public String FullName()
    {
        return String.Format("{0}. {1} {2}. {3}. {4}. {5}. {6}. {7}. {8}. {9}. {10}. {11}. {12} ", name, title, surname, company,email,pager, mobile, telephonenumber,city,state, postalcode,country,useraccountcontrol).Trim();
        //return(String.Format("{0,-20} : {1}",title) );
    }
    public static implicit operator String(Employee value)
    {
        return value.ToString();
    }

    public Employee()
    {
    }
}

    public class ActiveDirSearch
    {
        public ActiveDirSearch()
        { }

        public Employee SearchUser(string username)
        {
            
            Employee employee = new Employee();

            if (username.Contains("."))
            {
                string[] splitString = username.Split(new char[] { '.' });
                username = splitString[splitString.Length - 1];
            }


            try
            {
                //DirectoryEntry entry = new DirectoryEntry("GC://Test", "Test\\Test", "Ld@Test", AuthenticationTypes.Secure);
              

                // DirectorySearcher search = new DirectorySearcher(myLdapConnection);
                System.DirectoryServices.DirectorySearcher search = new System.DirectoryServices.DirectorySearcher(entry);
                //  search.Filter = "(cn=" + username + ")";

                if (username.IndexOf(" ") > 0)
                    search.Filter = "(cn=" + username + ")";
                else
                    search.Filter = "(sn=" + username + ")";

                SearchResult result = search.FindOne();


                if (result != null)
                {

                    // user exists, cycle through LDAP fields (cn, telephonenumber etc.)

                    ResultPropertyCollection fields = result.Properties;

                    foreach (String ldapField in fields.PropertyNames)
                    {
                        // cycle through objects in each field e.g. group membership
                        // (for many fields there will only be one object such as name)                        
                        foreach (Object myCollection in fields[ldapField])
                            {
                                 if (ldapField == "name") 
                                     employee.name = myCollection.ToString();
                                 if (ldapField == "surname")
                                     employee.surname = myCollection.ToString();
                                 if(ldapField=="title")
                                     employee.title=myCollection.ToString();
                                 if (ldapField == "company")
                                     employee.company = myCollection.ToString();
                                 if (ldapField == "mobile")
                                     employee.mobile = myCollection.ToString();
                                 if (ldapField == "postalcode")
                                     employee.postalcode = myCollection.ToString();
                                 if (ldapField == "telephonenumber")
                                     employee.telephonenumber = myCollection.ToString();
                                 if (ldapField == "l")
                                     employee.city = myCollection.ToString();
                                 if (ldapField == "st")
                                     employee.state = myCollection.ToString();
                                 if (ldapField == "co")
                                     employee.country = myCollection.ToString();
                                 if (ldapField == "mail")
                                     employee.email = myCollection.ToString();
                                 if (ldapField == "otherpager")
                                     employee.pager = myCollection.ToString();
                                 if (ldapField == "userAccountControl")
                                     employee.useraccountcontrol = myCollection.ToString();

                            }
                      }

                 }

                         else
                        {
                   return null;
                      }
            }

            catch (Exception e)
            {
                throw e;
            }

            return employee ;
        }
    }
}

Open in new window

0
 
LVL 8

Expert Comment

by:crysallus
ID: 34957843
Is your OS in the applies to section at this link?

http://support.microsoft.com/kb/305144#appliesto

That maybe why you're not getting anything. The useraccountcontrol property may only be valid in certain versions of windows... perhaps, though I'm guessing a little here.
0
 

Author Comment

by:Sha1395
ID: 34966523
Thanks crysallus ,i was going trhu all the MSDN.

I tried again with "Useraccountcontrol" it worked like a charm,am sure i might did some mistake in the to call Useraccount control.

Anyway thanks a lot for your help to give me more understand about the topic.
0
 

Author Comment

by:Sha1395
ID: 34966527
if (ldapField == "useraccountcontrol")
                                     employee.useraccountcontrol = myCollection.ToString();
0
 
LVL 8

Accepted Solution

by:
crysallus earned 500 total points
ID: 34966574
My comments provided meaningful help, as admitted by the author. At least a B I would have thought.
0
 

Author Closing Comment

by:Sha1395
ID: 34966798
Help me to understand the problem but got my own way to resolved the issues.
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Ivo
C# And Nullable Types Since 2.0 C# has Nullable(T) Generic Structure. The idea behind is to allow value type objects to have null values just like reference types have. This concerns scenarios where not all data sources have values (like a databa…
Entity Framework is a powerful tool to help you interact with the DataBase but still doesn't help much when we have a Stored Procedure that returns more than one resultset. The solution takes some of out-of-the-box thinking; read on!
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question