Security :: Retrieve And Display Common Name And E-mail Address From Active Directory?
Dec 1, 2010
I'm a bit of a newbie when it comes to AD... But what I want to achieve in the first instance is to use the AD to display the staff name and e-mail address from Active Directory, when they are logged onto the company Intranet. Using the 'login status' I can display domain/username, but would prefer the 'CN' and e-mail address to be shown instead.
I'm using C# and I've got as far as putting Using System.DirectoryServices in my references and .cs file
Staff are authenticated using "Windows" authentication rather than "forms" as they would already be logged onto a PC and should not require to log onto the Intranet again
PS Tried to search through the forums, but the examples shown seem to be to retrieve multiple users / info from AD and I hope my request is a 'simpler' fix
I want to learn how to add/delete/update account (including adding mail boxes for new users). Can someone point to a good book where I can begin from. I want to start with some real basics and build from there.
I have some code that returns my LastPasswordSet date when I use my administrator account on my development machine using localhost but when I deploy to me test server and I get an exception "Object reference not set to an instance of an object" [Code].... [Code].... Any ideas?
I am trying to retrieve all the users from active directory into a sorted list, but for some reason it does not return all the users like myself for instance. It's on a client's ad and there is probably about 1500+ users in AD.
I have an application where I display every Active Directory group that the current user belongs to. When I have my config setup like this:
<authentication mode="Windows"/> <authorization> <deny users="?"/> <allow users="*"/> </authorization> It works fine. When it's like this: <authentication mode="Windows"/> <authorization> <!--<deny users="?"/>--> <allow users="*"/> </authorization>
No groups are found. Why does this make a difference? Does asp.net only authenticate if we are specifically denying access to unauthenticated users? If it helps this is how i'm getting the groups:
protected string GetUserGroups() { StringBuilder userGroups = new StringBuilder(); ArrayList groupMembers = new ArrayList(); DirectoryEntry root = new DirectoryEntry("LDAP://myldap/DC=nc,DC=local"); DirectorySearcher ds = new DirectorySearcher(root); ds.Filter = String.Format("(&(samaccountname={0})(objectClass=person))", User.Identity.Name.Substring(User.Identity.Name.LastIndexOf(@"") + 1)); ds.PropertiesToLoad.Add("memberof"); try { foreach (SearchResult sr in ds.FindAll()) { foreach (string str in sr.Properties["memberof"]) { string str2 = str.Substring(str.IndexOf("=") + 1, str.IndexOf(",") - str.IndexOf("=") - 1); groupMembers.Add(str2); } } } catch { //ignore if any properties found in AD } return String.Join("|", (string[])groupMembers.ToArray(typeof(string))); }
I would like to control the menu display (show/hide menu items) in my ASP.NET 3.5 website based on the user's AD group and also control the functionality within a page using user's active directory group membership. how to do this? menu is stored in an xml file and bound to a control. all the examples I see on the web are related to forms authentication. this is an intranet website with integrated windows authentication and both authentication and authorization should be controlled using user's active directory groups.
I am using System.directory services namespace in framework 2 to query active directory. I have used fixed user account impersonisation in the web.config file, find the code:
I have disabled anonymous access in IIS. Also i have given Read & write access to the account tang09 for the website virtual directory and Microsoft.NET folder located in windows folder. But still i get prompted for the domain username and password to access the website.
I'm new to directoryServices and im trying to capture all users in the active directory and their organizational units but i'm having abit of trouble here, i've been reading through the forums and searching online but can't seem to find information that is viable to me.
Here is brief overview of what im trying to do. Im trying to create a datatable where i can insert all the usernames and their ou by capturing the values from the AD but i keep getting alot of duplicated usernames BUT in different organizationalUnits. I've checked the AD, and they do not belong so the following are my codes, but i can't seem to figure out what is wrong.
That works - but I see employees that are checked to not be part of the global address list in exchange and I want to filter them here also - so I changed the query to this and it doesn't work:
I need to retrieve the GUID for the Current User? I've found that it's possible with DirectoryEntry, but is there a way I can do it in similar fashion to WindowsIdentity.GetCurrent.User.Value - which actually returns the SID?
have a probleme with my search filter, i want to list the users of an organizational unit result.filter =(& (objectClass= user)(ou=dep1)); ====> it didn't work for me
I need to list a group of users, their group name is (IRS Group) to a list group. how to do this. I'm very new to asp.net and dont have much knowlegde about acctive directory.
I am updating some CS code that was written in 2004, and that references some assemblies which extract user data from AD by query filtering on the user's title. I can't test my updated code in VS2010 because the assemblies no longer compile - the references are no longer valid (I can't create a DirectoryEntry or DirectorySearcher) so I need to work out how to replace the code with current directoryservices.accountmanagement namespace properties and methods. I have searched around but don't seem to be getting anywhere. give me some code that will work with vs 2010 to replicate the following:
I have a problem with saving some data into extensionattribute in AD.There is no problem with saving data into properties like "Mobile" or "SN" but when I try to save data into one of extensionAttribute , for example: extensionAttribute7 , I get an error "The attribute syntax specified to the directory service is invalid".There is no problems of read data from extension Attributes.
