I've been dinking around in the System.DirectoryServices namespace lately trying to update user's in Active Directory. This particular namespace has 2 main component classes: DirectoryEntry and DirectorySearcher. After a couple of days (hence no posting) I have successfully accomplished the tasks of querying for and updating users. I will share some basic functionality for looking up and verifying users in Active Directory to lay the foundation for those of you that are interested. It might be useful to read up on LDAP to get a good understanding of what it is and how it works with Active Directory.
Setting up the connectionpublic static DirectoryEntry GetDirectoryEntry()
{
DirectoryEntry de = new DirectoryEntry();
de.Path = "LDAP://OU=Domain,DC=YourDomain,DC=com";
de.AuthenticationType = AuthenticationTypes.Secure;
return de;
}
Does a User Exist?
Before you update any user information it is probably a good idea to find out if they actually exist in the Active Directory.
public bool UserExists(string username)
{
DirectoryEntry de = GetDirectoryEntry();
DirectorySearcher deSearch = new DirectorySearcher();
deSearch.SearchRoot = de;
deSearch.Filter = "(&(objectClass=user) (cn=" + username + "))";
SearchResultCollection results = deSearch.FindAll();
return results.Count > 0;
}
private String FindName(String userAccount)
{
DirectoryEntry entry = GetDirectoryEntry();
String account = userAccount.Replace(@"Domain\", "");
try
{
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(SAMAccountName=" + account + ")";
search.PropertiesToLoad.Add("displayName");
SearchResult result = search.FindOne();
if (result != null)
{
return result.Properties["displayname"][0].ToString();
}
else
{
return "Unknown User";
}
}
catch (Exception ex)
{
string debug = ex.Message;
return "";
}
}
The form I created has 2 textboxes (Username & Password) and a submit button. When the button is clicked all the events are fired and if everything checks out the user is updated in Active Directory.
private void btnUpdate_Click(object sender, EventArgs e)
{
if (tbUser.Text != "" && tbPass.Text != "")
{
string username = tbUser.Text.ToString();
string password = tbPass.Text.ToString();
if (UserExists(FindName(username))
{
ModifyUser(FindName(username), username, password);
}
}
}
Modify User Informationpublic void ModifyUser(string userDisplayName, string username, string password)
{
DirectoryEntry de = GetDirectoryEntry();
de.Username = username;
de.Password = password;
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = ("(&(objectclass=user)(objectcategory=person)
(displayname=" + userDisplayName + "))");
ds.SearchScope = SearchScope.Subtree;
SearchResult results = ds.FindOne();
if (results != null)
{
try
{
DirectoryEntry updateEntry = results.GetDirectoryEntry();
updateEntry.Properties["department"].Value = "555";
updateEntry.CommitChanges();
updateEntry.Close();
}
catch (Exception ex)
{
tbError.Text = ex.ToString();
}
}
de.Close();
}
Good luck! With a little patience you will find that Active Directory is quite fun to work with. Also keep in mind that this is a very basic example. When you master this you can start pulling data from external data sources, formatting, look them up in Active Directory and then update accordingly!