All Operations on Active Directory (AD) Using C#

Objective


This article explains how to perform operations on Active Directory (AD) using C#. In this step-by-step tutorial, I will build a class library (DLL) project that performs all the AD operations; you can then use this class library in any application that needs this functionality.

A basic introduction to Active Directory is provided, along with code examples for operations such as:

1. Finding a user by login name
2. Finding a user by name
3. Finding users by first name
4. Resolving an AD group into its users, etc.

What is Active Directory


Active Directory is a directory structure used in Windows for storing information about networks and domains. It was first used in Windows 2000. It is a hierarchical structure that helps organize information about objects. In lay terms, it is used to store user information and network information in an organization.

Solution Explorer for the Active Directory Helper Class library

 

[Image: ADImg1.gif]

 

ActiveDirectoryHelper is the main working class. It contains all the functions for the various operations on AD. The other classes are helper classes used by the ActiveDirectoryHelper class. After a reference to this project's DLL is added, the client creates an object of the ActiveDirectoryHelper class and calls its functions.

Diving into code to Perform Operations

Step 1

Create a new project by selecting project template Class Library.

Step 2

Add the following references to the project:

System.DirectoryServices

System.DirectoryServices.AccountManagement

System.DirectoryServices.Protocols

System.Configuration

Step 3

Add an Application Configuration file to the project, and add app settings for:

1. LDAP User Name
2. LDAP Password
3. LDAP Path

The App.Config file will then look like this:

App.Config

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <appSettings>
    <add key="LDAPPassword" value="xxxPasswordxxx" />
    <add key="LDAPPath" value="LDAP://domain/DC=xxx,DC=com" />
    <add key="LDAPUser" value="xxxUserxxx" />
  </appSettings>
</configuration>

Note: Set the user name, password and path according to your LDAP server.

Step 4. Creating ADUser class

Create or add a class in the project for the AD user details. This class has properties corresponding to the information stored for the AD user.

1. This class has read-only properties for fetching First Name, Last Name, City, Login Name, etc.
2. The constructor of the class takes one parameter of type DirectoryEntry.
3. In the constructor, all the information about the AD user is fetched using the static class ADProperties.
4. There are two static functions inside this class: GetUser and GetProperty.
5. GetProperty returns a string that holds a property of the AD user.
6. The GetUser static function returns an ADUserDetail.

ADUserDetail.cs

using System;

using System.Collections.Generic;

using System.Linq;

using System.Text;

using System.DirectoryServices;

 

namespace ActiveDirectoryHelper

{

    public class ADUserDetail

    {

        private String _firstName;

        private String _middleName;

        private String _lastName;

        private String _loginName;

        private String _loginNameWithDomain;

        private String _streetAddress;

        private String _city;

        private String _state;

        private String _postalCode;

        private String _country;

        private String _homePhone;

        private String _extension;

        private String _mobile;

        private String _fax;

        private String _emailAddress;

        private String _title;

        private String _company;

        private String _manager;

        private String _managerName;

        private String _department;

 

        public String Department

        {

            get { return _department; }

        }

 

        public String FirstName

        {

            get { return _firstName; }

        }

 

        public String MiddleName

        {

            get { return _middleName; }

        }

 

        public String LastName

        {

            get { return _lastName; }

        }

 

        public String LoginName

        {

            get { return _loginName; }

        }

 

        public String LoginNameWithDomain

        {

            get { return _loginNameWithDomain; }

        }

 

        public String StreetAddress

        {

            get { return _streetAddress; }

        }

 

        public String City

        {

            get { return _city; }

        }

 

        public String State

        {

            get { return _state; }

        }

 

        public String PostalCode

        {

            get { return _postalCode; }

        }

 

        public String Country

        {

            get { return _country; }

        }

 

        public String HomePhone

        {

            get { return _homePhone; }

        }

 

        public String Extension

        {

            get { return _extension; }

        }

 

        public String Mobile

        {

            get { return _mobile; }

        }

 

        public String Fax

        {

            get { return _fax; }

        }

 

        public String EmailAddress

        {

            get { return _emailAddress; }

        }

 

        public String Title

        {

            get { return _title; }

        }

 

        public String Company

        {

            get { return _company; }

        }

 

        public ADUserDetail Manager

        {

            get

            {

                if (!String.IsNullOrEmpty(_managerName))

                {

                    ActiveDirectoryHelper ad = new ActiveDirectoryHelper();

                    return ad.GetUserByFullName(_managerName);

                }

                return null;

            }

        }

 

        public String ManagerName

        {

            get { return _managerName; }

        }

 

 

        private ADUserDetail(DirectoryEntry directoryUser)

        {

 

            String domainAddress;

            String domainName;

            _firstName = GetProperty(directoryUser, ADProperties.FIRSTNAME);

            _middleName = GetProperty(directoryUser, ADProperties.MIDDLENAME);

            _lastName = GetProperty(directoryUser, ADProperties.LASTNAME);

            _loginName = GetProperty(directoryUser, ADProperties.LOGINNAME);

            String userPrincipalName = GetProperty(directoryUser, ADProperties.USERPRINCIPALNAME);

            if (!string.IsNullOrEmpty(userPrincipalName))

            {

                 domainAddress = userPrincipalName.Split('@')[1];

            }

            else

            {

                domainAddress = String.Empty;

            }

 

            if (!string.IsNullOrEmpty(domainAddress))

            {

                domainName = domainAddress.Split('.').First();

            }

            else

            {

                domainName = String.Empty;

            }

            _loginNameWithDomain = String.Format(@"{0}\{1}", domainName, _loginName);

            _streetAddress = GetProperty(directoryUser, ADProperties.STREETADDRESS);

            _city = GetProperty(directoryUser, ADProperties.CITY);

            _state = GetProperty(directoryUser, ADProperties.STATE);

            _postalCode = GetProperty(directoryUser, ADProperties.POSTALCODE);

            _country = GetProperty(directoryUser, ADProperties.COUNTRY);

            _company = GetProperty(directoryUser, ADProperties.COMPANY);

            _department = GetProperty(directoryUser, ADProperties.DEPARTMENT);

            _homePhone = GetProperty(directoryUser, ADProperties.HOMEPHONE);

            _extension = GetProperty(directoryUser, ADProperties.EXTENSION);

            _mobile = GetProperty(directoryUser, ADProperties.MOBILE);

            _fax = GetProperty(directoryUser, ADProperties.FAX);

            _emailAddress = GetProperty(directoryUser, ADProperties.EMAILADDRESS);

            _title = GetProperty(directoryUser, ADProperties.TITLE);

            _manager = GetProperty(directoryUser, ADProperties.MANAGER);

            if (!String.IsNullOrEmpty(_manager))

            {

                String[] managerArray = _manager.Split(',');

                _managerName = managerArray[0].Replace("CN=", "");

            }

        }

 

 

        private static String GetProperty(DirectoryEntry userDetail, String propertyName)

        {

            if (userDetail.Properties.Contains(propertyName))

            {

                return userDetail.Properties[propertyName][0].ToString();

            }

            else

            {

                return string.Empty;

            }

        }

 

        public static ADUserDetail GetUser(DirectoryEntry directoryUser)

        {

            return new ADUserDetail(directoryUser);

        }

    }

}

Step 5: Creating ADProperties class


Create or add a class in the project for ADProperties. This is a static class that holds the AD attribute names of a user as constant strings, giving a readable name to each property of the user details.

ADProperties.cs

using System;

using System.Collections.Generic;

using System.Linq;

using System.Text;

 

namespace ActiveDirectoryHelper

{

    public static class ADProperties

    {

        public const String OBJECTCLASS = "objectClass";

        public const String CONTAINERNAME = "cn";

        public const String LASTNAME = "sn";

        public const String COUNTRYNOTATION = "c";

        public const String CITY = "l";

        public const String STATE = "st";

        public const String TITLE = "title";

        public const String POSTALCODE = "postalCode";

        public const String PHYSICALDELIVERYOFFICENAME = "physicalDeliveryOfficeName";

        public const String FIRSTNAME = "givenName";

        public const String MIDDLENAME = "initials";

        public const String DISTINGUISHEDNAME = "distinguishedName";

        public const String INSTANCETYPE = "instanceType";

        public const String WHENCREATED = "whenCreated";

        public const String WHENCHANGED = "whenChanged";

        public const String DISPLAYNAME = "displayName";

        public const String USNCREATED = "uSNCreated";

        public const String MEMBEROF = "memberOf";

        public const String USNCHANGED = "uSNChanged";

        public const String COUNTRY = "co";

        public const String DEPARTMENT = "department";

        public const String COMPANY = "company";

        public const String PROXYADDRESSES = "proxyAddresses";

        public const String STREETADDRESS = "streetAddress";

        public const String DIRECTREPORTS = "directReports";

        public const String NAME = "name";

        public const String OBJECTGUID = "objectGUID";

        public const String USERACCOUNTCONTROL = "userAccountControl";

        public const String BADPWDCOUNT = "badPwdCount";

        public const String CODEPAGE = "codePage";

        public const String COUNTRYCODE = "countryCode";

        public const String BADPASSWORDTIME = "badPasswordTime";

        public const String LASTLOGOFF = "lastLogoff";

        public const String LASTLOGON = "lastLogon";

        public const String PWDLASTSET = "pwdLastSet";

        public const String PRIMARYGROUPID = "primaryGroupID";

        public const String OBJECTSID = "objectSid";

        public const String ADMINCOUNT = "adminCount";

        public const String ACCOUNTEXPIRES = "accountExpires";

        public const String LOGONCOUNT = "logonCount";

        public const String LOGINNAME = "sAMAccountName";

        public const String SAMACCOUNTTYPE = "sAMAccountType";

        public const String SHOWINADDRESSBOOK = "showInAddressBook";

        public const String LEGACYEXCHANGEDN = "legacyExchangeDN";

        public const String USERPRINCIPALNAME = "userPrincipalName";

        public const String EXTENSION = "ipPhone";

        public const String SERVICEPRINCIPALNAME = "servicePrincipalName";

        public const String OBJECTCATEGORY = "objectCategory";

        public const String DSCOREPROPAGATIONDATA = "dSCorePropagationData";

        public const String LASTLOGONTIMESTAMP = "lastLogonTimestamp";

        public const String EMAILADDRESS = "mail";

        public const String MANAGER = "manager";

        public const String MOBILE = "mobile";

        public const String PAGER = "pager";

        public const String FAX = "facsimileTelephoneNumber";

        public const String HOMEPHONE = "homePhone";

        public const String MSEXCHUSERACCOUNTCONTROL = "msExchUserAccountControl";

        public const String MDBUSEDEFAULTS = "mDBUseDefaults";

        public const String MSEXCHMAILBOXSECURITYDESCRIPTOR = "msExchMailboxSecurityDescriptor";

        public const String HOMEMDB = "homeMDB";

        public const String MSEXCHPOLICIESINCLUDED = "msExchPoliciesIncluded";

        public const String HOMEMTA = "homeMTA";

        public const String MSEXCHRECIPIENTTYPEDETAILS = "msExchRecipientTypeDetails";

        public const String MAILNICKNAME = "mailNickname";

        public const String MSEXCHHOMESERVERNAME = "msExchHomeServerName";

        public const String MSEXCHVERSION = "msExchVersion";

        public const String MSEXCHRECIPIENTDISPLAYTYPE = "msExchRecipientDisplayType";

        public const String MSEXCHMAILBOXGUID = "msExchMailboxGuid";

        public const String NTSECURITYDESCRIPTOR = "nTSecurityDescriptor";

    }

}

 

Step 6. Creating ActiveDirectoryHelper class

 

1. This class has all the functions that perform operations on Active Directory.
2. There are four properties in the class:

LDAPPath property

This property reads the LDAP path from the config file.

        private String LDAPPath
        {
            get
            {
                return ConfigurationManager.AppSettings["LDAPPath"];
            }
        }

 

 

LDAPUser property

 

This property reads the LDAP user from the config file.

        private String LDAPUser
        {
            get
            {
                return ConfigurationManager.AppSettings["LDAPUser"];
            }
        }

 

LDAPPassword property

This property reads the LDAP password from the config file.

        private String LDAPPassword
        {
            get
            {
                return ConfigurationManager.AppSettings["LDAPPassword"];
            }
        }

 

Search Root Property

This property initializes the DirectoryEntry by passing LDAPPath, LDAPUser and LDAPPassword. It creates a new DirectoryEntry instance the first time it is needed and returns it.

        private DirectoryEntry SearchRoot
        {
            get
            {
                if (_directoryEntry == null)
                {
                    _directoryEntry = new DirectoryEntry(LDAPPath, LDAPUser, LDAPPassword, AuthenticationTypes.Secure);
                }
                return _directoryEntry;
            }
        }

Various operations in ActiveDirectoryHelper class

Get User by Full Name

This function takes a full name as its input parameter and returns the corresponding AD user.

public  ADUserDetail GetUserByFullName(String userName)

        {

            try

            {

                _directoryEntry = null;

                DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);

                directorySearch.Filter = "(&(objectClass=user)(cn=" + userName + "))";

                SearchResult results = directorySearch.FindOne();

 

                if (results != null)

                {

                    DirectoryEntry user = new DirectoryEntry(results.Path, LDAPUser, LDAPPassword);

                    return ADUserDetail.GetUser(user);

                }

                else

                {

                    return null;

                }

            }

            catch (Exception ex)

            {

                return null;

            }

        }

Get User by Login Name

This function returns an AD user. It takes the login name as its input parameter.

  public  ADUserDetail GetUserByLoginName(String userName)

        {

            try

            {

                _directoryEntry = null;

                DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);

                directorySearch.Filter = "(&(objectClass=user)(SAMAccountName=" + userName + "))";

                SearchResult results = directorySearch.FindOne();

 

                if (results != null)

                {

                    DirectoryEntry user = new DirectoryEntry(results.Path, LDAPUser, LDAPPassword);

                    return ADUserDetail.GetUser(user);

                }

                return null;

            }

            catch (Exception ex)

            {

                return null;

            }

        }

Get Users from an AD Group by Group Name

This function takes a group name as input and returns the list of AD users in that group.

public  List<ADUserDetail> GetUserFromGroup(String groupName)

        {

            List<ADUserDetail> userlist = new List<ADUserDetail>();

            try

            {

                _directoryEntry = null;

                DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);

                directorySearch.Filter = "(&(objectClass=group)(SAMAccountName=" + groupName + "))";

                SearchResult results = directorySearch.FindOne();

                if (results != null)

                {

 

                    DirectoryEntry deGroup = new DirectoryEntry(results.Path, LDAPUser, LDAPPassword);

                    System.DirectoryServices.PropertyCollection pColl = deGroup.Properties;

                    int count = pColl["member"].Count;

 

 

                    for (int i = 0; i < count; i++)

                    {

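                        // Keep only the provider/server prefix of the group's path,

                        // i.e. everything before the group's own distinguished name.

                        string respath = results.Path;

                        respath = respath.Substring(0, respath.IndexOf("CN=", StringComparison.Ordinal));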

                        string objpath = pColl["member"][i].ToString();

                        string path = respath + objpath;

 

 

                        DirectoryEntry user = new DirectoryEntry(path, LDAPUser, LDAPPassword);

                        ADUserDetail userobj = ADUserDetail.GetUser(user);

                        userlist.Add(userobj);

                        user.Close();

                    }

                }

                return userlist;

            }

            catch (Exception ex)

            {

                return userlist;

            }

 

        }

Get Users and Groups from AD by Starting String

This function returns user and group information from AD on the basis of the first characters. The wildcard character * is used in the filter criteria.

public  List<ADUserDetail> GetUsersByFirstName(string fName)

        {

 

            //UserProfile user;

            List<ADUserDetail> userlist = new List<ADUserDetail>();

            string filter = "";

 

            _directoryEntry = null;

            DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);

            directorySearch.Asynchronous = true;

            directorySearch.CacheResults = true;

            // Match users whose first name (givenName) starts with fName.

            filter = "(&(objectClass=user)(objectCategory=person)(givenName=" + fName + "*))";

 

 

            directorySearch.Filter = filter;

           

            SearchResultCollection userCollection = directorySearch.FindAll();

            foreach (SearchResult users in userCollection)

            {

                DirectoryEntry userEntry = new DirectoryEntry(users.Path, LDAPUser, LDAPPassword);

                ADUserDetail userInfo =  ADUserDetail.GetUser(userEntry);

 

               

                userlist.Add(userInfo);

            }

               

                directorySearch.Filter = "(&(objectClass=group)(SAMAccountName=" +fName  + "*))";

                SearchResultCollection results = directorySearch.FindAll();

                if (results != null)

                {

 

                    foreach (SearchResult r in results)

                    {

                        DirectoryEntry deGroup = new DirectoryEntry(r.Path, LDAPUser, LDAPPassword);

                       // ADUserDetail dhan = new ADUserDetail();

                        ADUserDetail agroup = ADUserDetail.GetUser(deGroup);

                        userlist.Add(agroup);

                    }

 

                }

            return userlist;             

        }
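The search functions above build their filters by concatenating the caller's string into the filter text, so a name containing (, ), * or \ changes the filter instead of being matched literally. The following added example (not part of the original article's library; LdapFilter and its method names are hypothetical) escapes values per RFC 4515 before they reach DirectorySearcher.Filter, and runs without a directory server.

```csharp
using System;
using System.Text;

// Added example: RFC 4515 escaping for values placed into LDAP search filters.
// LdapFilter is a hypothetical helper, not part of the article's class library.
public static class LdapFilter
{
    // Escapes a value so it is matched as literal text inside a filter assertion.
    public static string Escape(string value)
    {
        if (value == null) throw new ArgumentNullException("value");
        var sb = new StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break; // escape character itself
                case '*':  sb.Append(@"\2a"); break; // wildcard
                case '(':  sb.Append(@"\28"); break; // opens a sub-filter
                case ')':  sb.Append(@"\29"); break; // closes a sub-filter
                case '\0': sb.Append(@"\00"); break; // NUL
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Exact-match filter, the shape used by GetUserByFullName, GetUserByLoginName
    // and GetUserFromGroup. objectClass and attribute must be code constants
    // (for example ADProperties.LOGINNAME), never caller input.
    public static string Equal(string objectClass, string attribute, string value)
    {
        return "(&(objectClass=" + objectClass + ")(" + attribute + "=" + Escape(value) + "))";
    }

    // Prefix filter, the shape used by GetUsersByFirstName. The only wildcard
    // in the result is the trailing one added here.
    public static string UserFirstNameStartsWith(string prefix)
    {
        // An empty prefix would turn the filter into givenName=* (every user).
        if (string.IsNullOrWhiteSpace(prefix))
            throw new ArgumentException("A non-empty prefix is required.", "prefix");
        return "(&(objectClass=user)(objectCategory=person)(givenName=" + Escape(prefix) + "*))";
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample inputs: a plain login, a display name with
        // parentheses, a value containing a wildcard, and one with a backslash.
        string[] samples = { "jsmith", "Smith (Contractor)", "j*", @"corp\jsmith" };

        foreach (string input in samples)
        {
            // How the article's functions build the filter.
            string concatenated = "(&(objectClass=user)(cn=" + input + "))";
            // The same filter with the value escaped.
            string escaped = LdapFilter.Equal("user", "cn", input);

            Console.WriteLine("input        : " + input);
            Console.WriteLine("concatenated : " + concatenated);
            Console.WriteLine("escaped      : " + escaped);
            Console.WriteLine();
        }

        Console.WriteLine(LdapFilter.UserFirstNameStartsWith("Jo"));

        try
        {
            LdapFilter.UserFirstNameStartsWith("");
        }
        catch (ArgumentException ex)
        {
            Console.WriteLine("rejected empty prefix: " + ex.Message);
        }
    }
}
```

In the helper class, the returned string would be assigned to directorySearch.Filter in place of the concatenated one.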

Adding User to Active Directory Group

This function takes a user login name and adds the user to an AD group.

public  bool AddUserToGroup(string userlogin, string groupName)

        {

            try

            {

                _directoryEntry = null;

                ADManager admanager = new ADManager(LDAPDomain, LDAPUser, LDAPPassword);

                // Report the actual outcome instead of always returning true.

                return admanager.AddUserToGroup(userlogin, groupName);

            }

            catch (Exception ex)

            {

                return false;

            }

        }    

Removing User from Active Directory Group

This function takes a user login name and removes the user from an AD group.

    

      public  bool RemoveUserToGroup(string userlogin, string groupName)

        {

            try

            {

                _directoryEntry = null;

                ADManager admanager = new ADManager("xxx", LDAPUser, LDAPPassword);

                // Report the actual outcome instead of always returning true.

                return admanager.RemoveUserFromGroup(userlogin, groupName);

            }

            catch (Exception ex)

            {

                return false;

            }

        }

 

In the above two functions, the ADManager class is used for adding a user to and removing a user from an AD group.

ADManager.cs

using System;

using System.Collections.Generic;

using System.Linq;

using System.Text;

using System.DirectoryServices.AccountManagement;

 

namespace ActiveDirectoryHelper

{

    public class ADManager

    {

 

        PrincipalContext context;

 

        public ADManager()

        {

            context = new PrincipalContext(ContextType.Machine, "xxx", "xxx", "xxx");

           

        }

 

       

        public ADManager(string domain, string container)

        {

            context = new PrincipalContext(ContextType.Domain, domain, container);

        }

 

        public ADManager(string domain, string username, string password)

        {

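            // Pass the domain as well; the three-argument overload would read

            // username and password as the domain name and container.

            context = new PrincipalContext(ContextType.Domain, domain, username, password);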

        }

 

        public bool AddUserToGroup(string userName, string groupName)

        {

            bool done = false;

            GroupPrincipal group = GroupPrincipal.FindByIdentity(context, groupName);

            if (group == null)

            {

                group = new GroupPrincipal(context, groupName);

            }

            UserPrincipal user = UserPrincipal.FindByIdentity(context, userName);

            if (user != null && group != null)

            {

                group.Members.Add(user);

                group.Save();

                done = (user.IsMemberOf(group));

            }

            return done;

        }

 

       

        public bool RemoveUserFromGroup(string userName, string groupName)

        {

            bool done = false;

            UserPrincipal user = UserPrincipal.FindByIdentity(context, userName);

            GroupPrincipal group = GroupPrincipal.FindByIdentity(context, groupName);

            if (user != null && group != null)

            {

                group.Members.Remove(user);

                group.Save();

                done = !(user.IsMemberOf(group));

            }

            return done;

        }

    }

}

 

This is how all these operations can be performed on AD.

Complete code for ActiveDirectoryHelper.cs class

 

using System;

using System.Collections.Generic;

using System.Linq;

using System.Text;

using System.DirectoryServices;

using System.Configuration;

 

namespace ActiveDirectoryHelper

{

    public  class ActiveDirectoryHelper

    {

        private  DirectoryEntry _directoryEntry = null;

 

        private  DirectoryEntry SearchRoot

        {

            get

            {

                if (_directoryEntry == null)

                {

                    _directoryEntry = new DirectoryEntry(LDAPPath, LDAPUser, LDAPPassword, AuthenticationTypes.Secure);

                }

                return _directoryEntry;

            }

        }

 

        private  String LDAPPath

        {

            get

            {

                return ConfigurationManager.AppSettings["LDAPPath"];

            }

        }

 

        private  String LDAPUser

        {

            get

            {

                return ConfigurationManager.AppSettings["LDAPUser"];

            }

        }

 

        private  String LDAPPassword

        {

            get

            {

                return ConfigurationManager.AppSettings["LDAPPassword"];

            }

        }

 

        private  String LDAPDomain

        {

            get

            {

                return ConfigurationManager.AppSettings["LDAPDomain"];

            }

        }

 

        internal  ADUserDetail GetUserByFullName(String userName)

        {

            try

            {

                _directoryEntry = null;

                DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);

                directorySearch.Filter = "(&(objectClass=user)(cn=" + userName + "))";

                SearchResult results = directorySearch.FindOne();

 

                if (results != null)

                {

                    DirectoryEntry user = new DirectoryEntry(results.Path, LDAPUser, LDAPPassword);

                    return ADUserDetail.GetUser(user);

                }

                else

                {

                    return null;

                }

            }

            catch (Exception ex)

            {

                return null;

            }

        }

 

        public  ADUserDetail GetUserByLoginName(String userName)

        {

            try

            {

                _directoryEntry = null;

                DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);

                directorySearch.Filter = "(&(objectClass=user)(SAMAccountName=" + userName + "))";

                SearchResult results = directorySearch.FindOne();

 

                if (results != null)

                {

                    DirectoryEntry user = new DirectoryEntry(results.Path, LDAPUser, LDAPPassword);

                    return ADUserDetail.GetUser(user);

                }

                return null;

            }

            catch (Exception ex)

            {

                return null;

            }

        }

 

 

        ///<summary>

        /// This function will take a DL or Group name and return list of users

        ///</summary>

        ///<param name="groupName"></param>

        ///<returns></returns>

        public  List<ADUserDetail> GetUserFromGroup(String groupName)

        {

            List<ADUserDetail> userlist = new List<ADUserDetail>();

            try

            {

                _directoryEntry = null;

                DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);

                directorySearch.Filter = "(&(objectClass=group)(SAMAccountName=" + groupName + "))";

                SearchResult results = directorySearch.FindOne();

                if (results != null)

                {

 

                    DirectoryEntry deGroup = new DirectoryEntry(results.Path, LDAPUser, LDAPPassword);

                    System.DirectoryServices.PropertyCollection pColl = deGroup.Properties;

                    int count = pColl["member"].Count;

 

 

                    for (int i = 0; i < count; i++)

                    {

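                        // Keep only the provider/server prefix of the group's path,

                        // i.e. everything before the group's own distinguished name.

                        string respath = results.Path;

                        respath = respath.Substring(0, respath.IndexOf("CN=", StringComparison.Ordinal));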

                        string objpath = pColl["member"][i].ToString();

                        string path = respath + objpath;

 

 

                        DirectoryEntry user = new DirectoryEntry(path, LDAPUser, LDAPPassword);

                        ADUserDetail userobj = ADUserDetail.GetUser(user);

                        userlist.Add(userobj);

                        user.Close();

                    }

                }

                return userlist;

            }

            catch (Exception ex)

            {

                return userlist;

            }

 

        }

 

        #region Get user with First Name

 

        public  List<ADUserDetail> GetUsersByFirstName(string fName)

        {

 

            //UserProfile user;

            List<ADUserDetail> userlist = new List<ADUserDetail>();

            string filter = "";

 

            _directoryEntry = null;

            DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);

            directorySearch.Asynchronous = true;

            directorySearch.CacheResults = true;

            // Match users whose first name (givenName) starts with fName.

            filter = "(&(objectClass=user)(objectCategory=person)(givenName=" + fName + "*))";

 

 

            directorySearch.Filter = filter;

           

            SearchResultCollection userCollection = directorySearch.FindAll();

            foreach (SearchResult users in userCollection)

            {

                DirectoryEntry userEntry = new DirectoryEntry(users.Path, LDAPUser, LDAPPassword);

                ADUserDetail userInfo =  ADUserDetail.GetUser(userEntry);

 

                userlist.Add(userInfo);

               

            }

               

                directorySearch.Filter = "(&(objectClass=group)(SAMAccountName=" +fName  + "*))";

                SearchResultCollection results = directorySearch.FindAll();

                if (results != null)

                {

 

                    foreach (SearchResult r in results)

                    {

                        DirectoryEntry deGroup = new DirectoryEntry(r.Path, LDAPUser, LDAPPassword);

                      

                        ADUserDetail agroup = ADUserDetail.GetUser(deGroup);

                        userlist.Add(agroup);

                    }

 

                }

            return userlist;             

        }

 

        #endregion

 

 

        #region AddUserToGroup

        public  bool AddUserToGroup(string userlogin, string groupName)

        {

            try

            {

                _directoryEntry = null;

                ADManager admanager = new ADManager(LDAPDomain, LDAPUser, LDAPPassword);

                // Report the actual outcome instead of always returning true.

                return admanager.AddUserToGroup(userlogin, groupName);

            }

            catch (Exception ex)

            {

                return false;

            }

        }

        #endregion

 

        #region RemoveUserToGroup

        public  bool RemoveUserToGroup(string userlogin, string groupName)

        {

            try

            {

                _directoryEntry = null;

                ADManager admanager = new ADManager("xxx", LDAPUser, LDAPPassword);

                // Report the actual outcome instead of always returning true.

                return admanager.RemoveUserFromGroup(userlogin, groupName);

            }

            catch (Exception ex)

            {

                return false;

            }

        }

        #endregion

    }

}

How to use this class library

Just add the DLL, or a reference to this project, to your application and create an instance of the ActiveDirectoryHelper class. After the instance is created, you can call its functions and properties to perform operations on AD.

Conclusion

This article explained all operations on Active Directory using C#. Thanks for reading.
