How can I get a list of users from active directory

Question

How can I get a list of users from active directory   Is there a way to pull username  firstname  lastname   I saw a similar post where this was used    PrincipalContext ctx   new PrincipalContext ContextType Domain   YOURDOMAIN      I have never done anything with active directory so I am completely lost   Any help would be greatly appreciated

User · Answer

Certainly the credit goes to  Harvey Kwok here  but I just wanted to add this example because in my case I wanted to get an actual List of UserPrincipals  It s probably more efficient to filter this query upfront  but in my small environment  it s just easier to pull everything and then filter as needed later from my list    Depending on what you need  you may not need to cast to DirectoryEntry  but some properties are not available from UserPrincipal   using  var searcher   new PrincipalSearcher new UserPrincipal new PrincipalContext ContextType Domain  Environment UserDomainName           List lt UserPrincipal gt  users   searcher FindAll   Select u   gt   UserPrincipal u  ToList        foreach var u in users                        DirectoryEntry d    DirectoryEntry u GetUnderlyingObject                Console WriteLine d Properties  GivenName    Value  ToString     d Properties  sn    Value  ToString

User · Answer

Include the System DirectoryServices dll  then use the code below   DirectoryEntry directoryEntry   new DirectoryEntry  WinNT       Environment MachineName   string userNames  Users      foreach  DirectoryEntry child in directoryEntry Children        if  child SchemaClassName     User                 userNames    child Name   Environment NewLine                       MessageBox Show userNames

User · Answer

PrincipalContext for browsing the AD is ridiculously slow  only use it for  ValidateCredentials  see below   use DirectoryEntry instead and  PropertiesToLoad   so you only pay for what you need  Filters and syntax here  https   social technet microsoft com wiki contents articles 5392 active-directory-ldap-syntax-filters aspx Attributes here  https   docs microsoft com en-us windows win32 adschema attributes-all using  var root   new DirectoryEntry   quot LDAP    Domain  quot          using  var searcher   new DirectorySearcher root                    looking for a specific user         searcher Filter     quot   amp  objectCategory person  objectClass user  sAMAccountName  username    quot              I only care about what groups the user is a memberOf         searcher PropertiesToLoad Add  quot memberOf quot                FYI  non-null results means the user was found         var results   searcher FindOne             var properties   results  Properties          if  properties  Contains  quot memberOf quot      true                               iterate over all the groups the user is a member of                    Clean  simple  fast  No magic  no half-documented calls to  RefreshCache to grab the tokenGroups or to  Bind or  NativeObject in a try catch to validate credentials  For authenticating the user  using  var context   new PrincipalContext ContextType Domain         return context ValidateCredentials username  password

User · Answer

If you are new to Active Directory  I suggest you should understand how Active Directory stores data first   Active Directory is actually a LDAP server   Objects stored in LDAP server are stored hierarchically   It s very similar to you store your files in your file system   That s why it got the name Directory server and Active Directory  The containers and objects on Active Directory can be specified by a distinguished name   The distinguished name is like this CN SomeName CN SomeDirectory DC yourdomain DC com   Like a traditional relational database  you can run query against a LDAP server   It s called LDAP query   There are a number of ways to run a LDAP query in  NET   You can use DirectorySearcher from System DirectoryServices or SearchRequest from System DirectoryServices Protocol   For your question  since you are asking to find user principal object specifically  I think the most intuitive way is to use PrincipalSearcher from System DirectoryServices AccountManagement   You can easily find a lot of different examples from google   Here is a sample that is doing exactly what you are asking for   using  var context   new PrincipalContext ContextType Domain   yourdomain com          using  var searcher   new PrincipalSearcher new UserPrincipal context                  foreach  var result in searcher FindAll                          DirectoryEntry de   result GetUnderlyingObject   as DirectoryEntry              Console WriteLine  First Name      de Properties  givenName   Value               Console WriteLine  Last Name       de Properties  sn   Value               Console WriteLine  SAM account name         de Properties  samAccountName   Value               Console WriteLine  User principal name      de Properties  userPrincipalName   Value               Console WriteLine                      Console ReadLine      Note that on the AD user object  there are a number of attributes   In particular  givenName will give you the First Name and sn will give you the Last Name   About the user name   I think you meant the user logon name   Note that there are two logon names on AD user object   One is samAccountName  which is also known as pre-Windows 2000 user logon name   userPrincipalName is generally used after Windows 2000

User · Answer

If you want to filter y active accounts add this to Harvey s code   UserPrincipal userPrin   new UserPrincipal context    userPrin Enabled   true   after the first using  Then add   searcher QueryFilter   userPrin   before the find all  And that should get you the active ones

[c#] How can I get a list of users from active directory?

Examples related to c#

Examples related to asp.net

Examples related to .net

Examples related to active-directory