Last post May 20, 2008 11:43 AM by johram
May 16, 2008 01:07 AM|santoshkumarvitikala|LINK
I want to write an application which will get all the users from Active Directory.Can anyone tell me how to specify the path for the active directory for a local system.what will be the domain name?
DirectoryEntry entry = new DirectoryEntry("LDAP://127.0.0.0/CN=Users,DC=VSKUMAR,DC=local");
this is the one which i have written,but it is giving some error
ComException:this server is not operational.
plzz help me regarding this.
May 16, 2008 06:46 AM|siva_sm|LINK
Is an LDAP server running at the specified IP? If not, this the message/exeception you will get. 127.0.0.1 is the local loopback IP generally. Make sure an LDAP service is running locally.
May 18, 2008 11:33 PM|santoshkumarvitikala|LINK
siva, thanks for the reply....see I have no idea of LDAP.Can you please give me an idea how to get the user information from Windows Active Directory.
May 20, 2008 11:43 AM|johram|LINK
To begin with, I recommend you read Ryan Dunn's article
Common System.DirectoryServices Issues and Solutions. This will explain the basic stuff you need to know to get connected in a web environment. Basically, when you run things off your desktop (via Visual Studio), most things work fine as then you run with
your own domain user. But when you deploy it to IIS you start getting errors. Dunn's article will explain why this happens.
Now, in your case, you need to get the right LDAP connection string to your domain. LDAP is a protocol that is used to access directory services. Hence, Active Directory is a directory service and "speaks" LDAP. Think of an LDAP connection string as an URL
that you use on the web every day. It typically has a server and a path. With LDAP, the server can be omitted though.
When you create your DirectoryEntry, you need to specify where it should go (i.e. the connection string). You can do this either by hard-coding the value of the domain, or you can dynamically fetch it from the RootDSE object. Now, in your case I would recommend
the following lines of code to get started:
DirectoryEntry root = new DirectoryEntry("LDAP://RootDSE");
DirectoryEntry domain = new DirectoryEntry("LDAP://" + root.Properties["defaultNamingContext"].Value.ToString());
This will give you a DirectoryEntry called domain which you can use for searching (and other operations). If you continue by reading Dunn's next article
Common Patterns in System.DirectoryServices you should be able to copy/paste the searching code, using your domain DirectoryEntry in the above example.
Don't forget that once you deploy this in the IIS, you need to review the credentials with which you authenticate your DirectoryEntry! (see first article).