Re: listing Object properties from SearchResult

From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 05/13/05


Date: Fri, 13 May 2005 11:00:35 -0500

The directoryentry used for the searchroot object determines the security
context that the search is performed with. It is possible that you are
authenticating anonymously, and thus can't see many properties. You can
verify this by passing in credentials to the DirectoryEntry before executing
the search and seeing if you get different results. If so, that was the
problem.

If that is the problem, there are other ways to solve it than using a
hard-coded service account, but it is the easiest way to verify the issue.

Joe K.

<dl> wrote in message news:%23kJpCn8VFHA.2768@tk2msftngp13.phx.gbl...
>I did tried to throw in the PropertiesToLoad lines; one for each property
> that I was going to get. But that didn't make any difference.
> Interesting
> enough the account I am using (to login via login.aspx) to list this
> directory is the same as the one I used to create the entries and the OU.
> Do I need to pass on the credential (somewhere) to this page ? or do I
> need
> to bind with the credential?
> TIA
>
> Here is my code before the foreach statements ..
> String strPath = "LDAP://ou=" + txtOUName.Text +
> ",dc=domain,dc=com";
> //Bind to the OU
> DirectoryEntry myEnt = new DirectoryEntry(strPath);
>
> //do a DirectorySearch
> DirectorySearcher mySearcher = new DirectorySearcher(myEnt);
> mySearcher.PropertiesToLoad.Add("sn");
> mySearcher.PropertiesToLoad.Add("givenName");
> mySearcher.PropertiesToLoad.Add("telephoneNumber");
>
> mySearcher.Filter = "(objectClass=user)";
>
> SearchResultCollection resEntAll = mySearcher.FindAll();
>
>
> "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
> in message news:uynwLa8VFHA.2692@TK2MSFTNGP15.phx.gbl...
>> What did you put in to PropertiesToLoad? Also, it is possible that the
>> security context you bound with only has rights to see a subset of the
>> properties you requested.
>>
>> Those are my two best guesses given what you've told us.
>>
>> Joe K.
>>
>> <dl> wrote in message news:OCHzJf4VFHA.1148@tk2msftngp13.phx.gbl...
>> > Hi
>> > I have the following lines of code that are suppose to list some
> selected
>> > properties of all the object entries in a SearchResult but the code is
>> > only
>> > listing one property ie. the 'sn' and the corresponding value for all
> the
>> > entries, do you have a clue why?
>> > TIA
>> > ----------------------
>> > foreach (SearchResult resEnt in resEntAll)
>> > {
>> > i++;
>> > dr = dt.NewRow();
>> > foreach (string propKy in
> resEnt.Properties.PropertyNames)
>> > {
>> > switch (propKy)
>> > {
>> > case "sn":
>> > y = 0;
>> > break;
>> > case "givenName":
>> > y = 1;
>> > break;
>> > case "telephoneNumber":
>> > y = 2;
>> > break;
>> > default:
>> > y = 3;
>> > break;
>> > }
>> > if (y < 3)
>> > {
>> > ResultPropertyValueCollection valco =
>> > resEnt.Properties[propKy];
>> > foreach (Object prop in valco)
>> > {
>> > dr[y] = prop.ToString();
>> > }
>> > }
>> > }
>> > dt.Rows.Add(dr);
>> > }
>> >
>> > --
>> >
>> >
>> >
>>
>>
>
>



Relevant Pages

  • Re: Problem passing user credentials to AD
    ... Since this is a web application, then passing null credentials will make the ... DirectoryEntry pick up the credentials of the current thread security ... order to delegate the user's security context to a different machine (what ...
    (microsoft.public.dotnet.security)
  • Re: defaultNamingContext property failing in asp.net
    ... you may need to provide credentials in your DirectoryEntry as well as a ... Credentials and a DC to talk to are the two things that ADSI picks up from ... context isn't a domain account, ... Joe K. ...
    (microsoft.public.dotnet.languages.csharp)
  • RE: "Sudden" Active Directory error on ASP.NET
    ... the problem is concerned with your asp.net web application's security ... | hard-coded userID and password in the DirectoryEntry constructor. ... It works on the development desktop but not on the IIS ... |> Hi Patrick, ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: VB.NET LDAP Class
    ... This isn't the first time Joe has mentioned the faults in this code either, ... It basically revolves ... You also have to create the DirectoryEntry based on the user ... > I wasn't criticizing your code Jon, I was criticizing the code in the ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Why am I getting errors when I want to rebuild the TreeView co
    ... Thanks Joe that worked out well. ... DirectoryEntry object's path. ... string newDomain = domainName; ... //Tag the 1st Tree Node ...
    (microsoft.public.dotnet.security)