Re: Active Directory



Hi Marc,

I really appreciate your response. I have done quite a bit of reading and am still struggling with getting this to work. I am a seasoned developer, just not with using Directory Services and LDAP.

Here is what I have. I have a Windows 2003 Server VM that I use for SharePoint development efforts. In this type of "sandbox" environment, it is very common to have everything installed on the single server. This VM is an AD DC, running SQL Server 2005 and MOSS. I understand this won't be the same in a "real" production environment. The server is named "w2k3" and the domain is simply "moss".

I am first trying to simply see if an LDAP entry exists. The entry "LDAP://DC=moss" returns a valid DirectoryService object instance. And so does "LDAP://DC=moss/CN=Users". However, the entry "LDAP://DC=moss/CN=Bob Mixon" and "LDAP://DC=moss,CN=Bob Mixon" both fail. The account "Bob Mixon" is valid in AD; i.e. user id bob.mixon, name "Bob Mixon".

Ultimately all I want to do is locate a user account then retrieve that user's manager information. This can't be that difficult.

Thank you for your time! :)

Bob Mixon [Microsoft SharePoint MVP]
http://www.ShareSquared.com
http://www.ShareSquared.com/blogs/BobMixon

Being a little less familiar with accessing AD, can someone tell me
the best way to obtain an AD user record (profile)? Ultimately I
would like to simply obtain the manager that has been assigned to a
specific user.

You will need to bind to the user's AD object - this requires that you
understand what LDAP path names are, and how to construct those.

Something like: LDAP://yourserver01.domain.com/cn=Bob Mixon,OU=IT,OU=Headquarters,dc=domain,dc=com

In order to be able to bind to an AD object, you'll need to add a
reference to the "System.DirectoryServices" assembly to your project,
and add a "using System.DirectoryServices" line into your code.

From there, you bind to the user by constructing a DirectoryEntry
object instance:

string ldapPath = "LDAP://yourserver01.domain.com/cn=Bob Mixon,OU=IT,OU=Headquarters,dc=domain,dc=com";

DirectoryEntry deUser = new DirectoryEntry(ldapPath);

Once you have a "deUser" object, you can query for any valid LDAP
property, e.g. things like "givenName" (first name), "sn" (surname =
last name), "mail" (e-mail address) and so forth.

// Value is typed as object, so cast it to string
string firstName = (string)deUser.Properties["givenName"].Value;

and so forth.

For more info, I'd suggest

* the MSDN portal for System.DirectoryServices
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sds/sds/portal.asp
* Joe Kaplan and Ryan Dunn's outstanding book on S.DS programming (the
"bible" for any S.DS programmer, really)

The .NET Developer's Guide to Directory Services Programming

http://www.amazon.com/Developers-Directory-Programming-Microsoft-Development/dp/0321350170/sr=8-1/qid=1168695760/ref=pd_bbs_sr_1/104-3503577-8887962?ie=UTF8&s=books

* my C# ADSI object browser called "BeaverTail" (free and with source
code):
http://adsi.mvps.org/adsi/CSharp/beavertail.html
Cheers!
Marc
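
An added example, not part of the original thread and not either poster's code: one way to find a user by logon name and read the assigned manager, searching the directory instead of hand-building the user's path, with the logon name escaped before it goes into the search filter. It assumes the thread's domain root "LDAP://DC=moss" and logon name "bob.mixon", and that the calling account can read the directory; the class and helper names are hypothetical.

```csharp
using System;
using System.DirectoryServices;
using System.Text;

static class ManagerLookup   // hypothetical name, for illustration only
{
    // Escape a value for use inside an LDAP search filter (RFC 4515), so a
    // user-supplied logon name cannot change the meaning of the filter.
    static string EscapeFilterValue(string value)
    {
        StringBuilder sb = new StringBuilder();
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    static void Main()
    {
        string accountName = "bob.mixon";   // logon name mentioned in the thread
        using (DirectoryEntry root = new DirectoryEntry("LDAP://DC=moss"))
        using (DirectorySearcher searcher = new DirectorySearcher(root))
        {
            searcher.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                              + EscapeFilterValue(accountName) + "))";
            searcher.PropertiesToLoad.Add("distinguishedName");
            searcher.PropertiesToLoad.Add("manager");

            SearchResult user = searcher.FindOne();
            if (user == null) { Console.WriteLine("User not found."); return; }
            Console.WriteLine("User DN: " + user.Properties["distinguishedName"][0]);

            // "manager" holds the manager's distinguished name; it is absent if none is set.
            if (!user.Properties.Contains("manager")) { Console.WriteLine("No manager set."); return; }
            string managerDn = (string)user.Properties["manager"][0];
            using (DirectoryEntry manager = new DirectoryEntry("LDAP://" + managerDn))
                Console.WriteLine("Manager: " + manager.Properties["displayName"].Value);
        }
    }
}
```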

