News

Disclaimer

The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway.

Navigation

Hebrew Articles

Index Pages

My OSS Projects

English Articles

Performing Queries Against Active Directory Domain Services

One of the missions
that needed my
attention lately was
to check whether a
user exists in an
enterprise Active Directory.
The post will show exactly how to perform such a query.

The DirectoryEntry Class

The DirectoryEntry class represent an entry in Active Directory.
That entry live in memory when created and changes that you
perform on it won’t be submitted to Active Directory unless you
call the CommitChnages method. That class can be found in
System.DirectoryServices namespace.
The following code shows how to create a DirectoryEntry object
using a the path to the LDAP, username and password:

var entry = new DirectoryEntry(path, username, password);

The DirectorySearcher Class

The DirectorySearcher class enable us to perform queries
against Active Directory. Once you have a DirectoryEntry in
hand you can pass it to the DirectorySearcher and then commit
queries to your Active Directory. When you create the DirectorySearcher
you also supply the optional list of properties that you want to
retrieve. As the DirectoryEntry, it is also available in the
System.DirectoryServices namespace.
The following code shows how to create a DirectorySearcher
with a given DirectoryEntry:

var searcher = new DirectorySearcher(entry);

How to Perform a Query Against Active Directory Domain Service

The following code snippet shows a simple method that
perform a query against Active Directory:

private SearchResult SearchLDAPById(string userId, string path, string username, string password){    var entry = new DirectoryEntry(path, username, password);    var search = new DirectorySearcher(entry);     search.Filter = string.Format("({0}={1})", "SAMAccountName", userId);    search.PropertiesToLoad.Add("displayName");     return search.FindOne();}

The query returns the display name for a logon name of a user which
is saved in Active Directory as SAMAccountName. As you can see
we get back a SearchResult object which we can investigate for
our retrieved display name.

Summary

In the post I showed how you can perform a query against
Active Directory domain service. I also introduced the
DirectoryEntry and DirectorySearcher classes.
I hope you will find this information useful.