Hello, I am tying to get the email address of a user under Active Directory using ASP.Net.
I'm quite new to the AD side of things, but I have had a fair amount of experience with asp.net. Could someone please help me contruct my LDAP path string. Here's what I have so far...
DirectoryEntry entry = new DirectoryEntry(
"LDAP://192.168.109.4/OU=People,DC=dev,DC=com",
"dev\\user",
"password", AuthenticationTypes.Secure);
My domain is "Dev" and my username is "macumberm" and im not going to tell you my password ;)
But when I put in these correct detials, I get the error:
A referral was returned from the server
what does this mean?
What id the OU?
How do I find out what to put in each parameter in the path string, OU, DC etc...
DirectoryEntry root = new DirectoryEntry("LDAP://RootDSE");
using (root)
{
Console.WriteLine(root.Properties["defaultNamingContext"][0].ToString());
}
This should tell you what the base DN you should be using is (when you run it in the domain of course). Then you can construct the AdsPath from there. Once you have this value, you can find your user account for example. Just read the first post in this
forum about common patterns and use the filter "(sAMAccountName=user)". It will tell you what the correct DN is for that user when you inspect the .Path property from either a SearchResult or a DirectoryEntry.
Have you tried running this locally from a machine joined to the domain and with your domain credentials? You see the way that all code runs is with the identity of the process that starts it. If you run the code on a machine that is not joined to the domain
or with a local account, it has no idea how to contact the domain.
If you tried running this with ASPNET, it would be a local account. The Locator service (which is contacted when using RootDSE), has no idea which domain (if any) to contact if it is contacted using a non-domain account.
If you cannot run this code locally on a domain machine (with a domain account), then you need to give it some more hints to tell it which domain you are looking for:
"LDAP://mydomain.com/RootDSE"
Of course, if you already knew your domain, I would not have given you this code since we can construct the proper DN string exactly when it is known.
using (entry)
{
if (entry.Properties.Contains("mail"))
{
foreach (object o in entry.Properties["mail"])
{
//iterate through each value in the 'mail' attribute as a string
str += o.ToString();
}
}
}
}
catch(Exception ex)
{
str = ex.Message;
}
but I get "There is no such object on the server"
I need to be able to read a users email given their username...
Well, the error tells me that you really do not have an OU called People (at least on that particular server). Are you using ADAM? Is that IP address pointing to a domain controller or your local computer?
Once you get that particular issue pointing to a non-existant object fixed (try using an LDAP browser to find this OU and get the string exactly), we can address the other issue that will trip you up: OU's don't have email addresses.
You are binding to a container that holds other objects and you are looking for an email address on the container. Instead, you should bind to the container, search for the objects that have email addresses you are interested in, and then iterate the email
addresses.
So, you have 3 steps:
1. Bind to your container - you are almost there, but you need to address this first.
2. Search for your objects - you can read the first post in the forum called "Common Patterns" to show how to do this.
3. Iterate through the email addresses - you are close, but it will change slightly from
what is ADAM? i dont know what you are refering to here, so probably not.
the IP is pointing to a domain controller, not my local machine.
Ill try to get the proper string then we'll go on to the next steps that you mentioned. Ill have a read of that thread you mentioned aswell.
Thanks for the help so far, I appreciate it greatly.
I got it working!! thanks so much for the help. I was having alot of trouble with the actual LDAP string to being with. But here is my code for getting the email of a user:
string mail = "";
try
{
DirectoryEntry entry = new DirectoryEntry("LDAP://192.168.109.4/CN=Users,DC=dev,DC=local");
DirectoryEntries entries = entry.Children;
foreach (DirectoryEntry members in entries)
{
if (members.Name.IndexOf("Some User Name") >= 0)
{
if (members.Properties.Contains("mail"))
{
foreach (object obj in members.Properties["mail"])
{
mail = obj.ToString();
}
}
}
}
}
catch(Exception ex)
{
str = ex.Message;
}
kram
Member
396 Points
94 Posts
Constructing LDAP path string
Dec 11, 2005 09:46 PM|LINK
I'm quite new to the AD side of things, but I have had a fair amount of experience with asp.net. Could someone please help me contruct my LDAP path string. Here's what I have so far...
DirectoryEntry entry = new DirectoryEntry(
"LDAP://192.168.109.4/OU=People,DC=dev,DC=com",
"dev\\user",
"password", AuthenticationTypes.Secure);
My domain is "Dev" and my username is "macumberm" and im not going to tell you my password ;)
But when I put in these correct detials, I get the error:
A referral was returned from the server
what does this mean?
What id the OU?
How do I find out what to put in each parameter in the path string, OU, DC etc...
any help would be gretly appreciated
Kram
dunnry
Star
9098 Points
1806 Posts
Re: Constructing LDAP path string
Dec 12, 2005 09:30 PM|LINK
Try this:
DirectoryEntry root = new DirectoryEntry("LDAP://RootDSE");
using (root)
{
Console.WriteLine(root.Properties["defaultNamingContext"][0].ToString());
}
This should tell you what the base DN you should be using is (when you run it in the domain of course). Then you can construct the AdsPath from there. Once you have this value, you can find your user account for example. Just read the first post in this forum about common patterns and use the filter "(sAMAccountName=user)". It will tell you what the correct DN is for that user when you inspect the .Path property from either a SearchResult or a DirectoryEntry.
Weblog
The Book
LDAP Programming Help
kram
Member
396 Points
94 Posts
Re: Constructing LDAP path string
Dec 12, 2005 11:28 PM|LINK
Im getting this error:
The specified domain either does not exist or could not be contacted
What can that mean? I thought if i ran your code it would be smart enought to know the domain it is on...
Do I have to modify your code?
Thank you for your help
dunnry
Star
9098 Points
1806 Posts
Re: Constructing LDAP path string
Dec 13, 2005 01:11 PM|LINK
If you tried running this with ASPNET, it would be a local account. The Locator service (which is contacted when using RootDSE), has no idea which domain (if any) to contact if it is contacted using a non-domain account.
If you cannot run this code locally on a domain machine (with a domain account), then you need to give it some more hints to tell it which domain you are looking for:
"LDAP://mydomain.com/RootDSE"
Of course, if you already knew your domain, I would not have given you this code since we can construct the proper DN string exactly when it is known.
Weblog
The Book
LDAP Programming Help
kram
Member
396 Points
94 Posts
Re: Constructing LDAP path string
Dec 13, 2005 08:55 PM|LINK
But I ran the code anyways, and what it gave me I wouldnt have told you correctly by the looks of things:
"DC=DEV,DC=local"
Is what it returned.
dunnry
Star
9098 Points
1806 Posts
Re: Constructing LDAP path string
Dec 14, 2005 01:52 PM|LINK
Yep, those shifty AD admins do this a lot. So, are you set then?
Weblog
The Book
LDAP Programming Help
kram
Member
396 Points
94 Posts
Re: Constructing LDAP path string
Dec 14, 2005 09:03 PM|LINK
String str = "";
try
{
DirectoryEntry entry = new DirectoryEntry(
"LDAP://192.168.109.4/OU=People,DC=dev,DC=local",
"dev\\username",
"password", AuthenticationTypes.Secure);
using (entry)
{
if (entry.Properties.Contains("mail"))
{
foreach (object o in entry.Properties["mail"])
{
//iterate through each value in the 'mail' attribute as a string
str += o.ToString();
}
}
}
}
catch(Exception ex)
{
str = ex.Message;
}
but I get "There is no such object on the server"
I need to be able to read a users email given their username...
dunnry
Star
9098 Points
1806 Posts
Re: Constructing LDAP path string
Dec 15, 2005 01:54 PM|LINK
Once you get that particular issue pointing to a non-existant object fixed (try using an LDAP browser to find this OU and get the string exactly), we can address the other issue that will trip you up: OU's don't have email addresses.
You are binding to a container that holds other objects and you are looking for an email address on the container. Instead, you should bind to the container, search for the objects that have email addresses you are interested in, and then iterate the email addresses.
So, you have 3 steps:
1. Bind to your container - you are almost there, but you need to address this first.
2. Search for your objects - you can read the first post in the forum called "Common Patterns" to show how to do this.
3. Iterate through the email addresses - you are close, but it will change slightly from
Weblog
The Book
LDAP Programming Help
kram
Member
396 Points
94 Posts
Re: Constructing LDAP path string
Dec 15, 2005 08:50 PM|LINK
what is ADAM? i dont know what you are refering to here, so probably not.
the IP is pointing to a domain controller, not my local machine.
Ill try to get the proper string then we'll go on to the next steps that you mentioned. Ill have a read of that thread you mentioned aswell.
Thanks for the help so far, I appreciate it greatly.
kram
Member
396 Points
94 Posts
Re: Constructing LDAP path string
Dec 15, 2005 09:56 PM|LINK
string mail = "";
try
{
DirectoryEntry entry = new DirectoryEntry("LDAP://192.168.109.4/CN=Users,DC=dev,DC=local");
DirectoryEntries entries = entry.Children;
foreach (DirectoryEntry members in entries)
{
if (members.Name.IndexOf("Some User Name") >= 0)
{
if (members.Properties.Contains("mail"))
{
foreach (object obj in members.Properties["mail"])
{
mail = obj.ToString();
}
}
}
}
}
catch(Exception ex)
{
str = ex.Message;
}