Publish Article
Go Freelance

Using Active Directory In ASP.Net - Dump Schema Information

This article is first in the series demonstrating the use of Active Directory in ASP.Net. Of course all the demo code is written in language of choice - C#. This series will not go into discussion of Active Directory or LDAP servers. We are assuming that the readers of these articles have basic understanding of these technologies.

This article demonstrates the use of following namespaces and classes.

  • System.DirectoryServices
  • System.DirectoryServices.DirectoryEntry
  • System.DirectoryServices.DirectorySearcher
  • System.DirectoryServices.SearchResultCollection
  • System.DirectoryServices.SearchResult
  • System.DirectoryServices.ResultPropertyCollection
  • System.DirectoryServices.PropertyValueCollection

What is this article about?

Searching an Active Directory is one of the major tasks in manipulation of various resources. When I started with ADSI programming, I used to look for right kind of filter values to use. Some time I had to go back forth and look at the Active Directory schema to find value I should be using to get the information I was looking for. For example If you want to get the information when the user account was last changed, you need to create a filter looking for "whenchanged" property in schema. So we decided to write a small dump utility that will display all the properties that are used to describe a user's account in Active Directory.

How To Do It

  • The first step in using Directory Services interfaces is to make connection with the node that you want to search for. .NET framework provides DirectoryEntry class to specify the search node. For example if you want to search for a resource in whole domain, then you need to connect to the top node of domain in Active Directory. It is very important that you specify the search location as close as possible to the nearest location where the resource could be found. Otherwise the search will take longer time. For example if You want to search for a user information, you need to specify the location as User node and not the whole domain resource tree.

    string strLDAP = "LDAP://pardesiservices.com"
    m_obDirEntry = new DirectoryEntry(strLDAP); 
  • After initializing the search node, you need to specify the query string in DirectorySearcher class object. You can set various parameter values of this object to fine tune your search and how the results will be returned. For this article we will only mention Filter property. This is the property that you will use to set your query string. The query string shall be specified in LDAP format. For example if you want to search for a user "foo", you can specify the query string as (cn=foo). It is very important that you specify the filter/query in parentheses. For more information on this property, look in the .NET documentation for Filter property of DirectorySearcher class.

    DirectorySearcher srch = new DirectorySearcher(m_obDirEntry);
    srch.Filter = "(cn=foo)";
  • The next step is to start the search. You will call FindAll or FindOne method on DirectorySearcher class object. If you are only interested in the first entry of the returned results, then call FindOne. Otherwise if you want to get all the search results, call FindAll method. This method returns the results as SearchResultCollection class subject.

    The other property that is worth mentioning is PropertiesToLoad. This property lets you specify the values you want the search to return. If you don't specify any properties, then search returns all the properties by default. Therefore if you are only interested in some of the values, then make sure that you specify those properties in the PropertiesToLoad. This way you can avoid unnecessary loading of all the values in memory.

    SearchResultCollection results;
    results = srch.FindAll();
  • After getting all the search results, you can iterate over each SearchResult entry in the SearchResultCollection. The SearchResult class object has Properties property that returns ResultPropertyCollection object. This contains all the properties were found by search you specified.

    foreach (SearchResult result in results)
       ResultPropertyCollection propColl = result.Properties;

    ResultPropertyCollection exposes ProperyNames property that returns the collection containing names of all the properties returned by search. You can iterate over this collection to get the names. We used this technique to get the names of all properties exposed by User objects.

    foreach (string strKey in propColl.PropertyNames)
      foreach (object obProp in propColl[strKey])
        this.AppendPropertyNode(obTopNode, strKey, obProp);

    And then you can use this property names to extract particular values from ResultPropertyCollection dictionary.

Demo Code

We have included the demo code with this article. All the Active Directory implementation has been encapsulated in ADSIUtil class. We have also created an utility class, ADSIUser. This class parses the search results and saves as a XmlDocument. And it also exposes some properties to get specific information like First Name, Last Name, etc. This class is not complete. But we will expand this as the series progress.

Platforms Tested

We have tested the included project on following platforms
  • Windows 2000 Adv. Server
  • Windows 2003 Enterprise Server

For any comments or suggestions, feel free to contact us at support@netomatix.com

Go Freelance
Home     About us     Contact us    Copyright    Privacy Policy    Return Policy    Advertisers
Copyright © Netomatix