5

I want to get a list of OUs from Active Directory.

I have only the domain name.

How can I achieve this using C#?

Arjun babu
  • All OU's, or just the top-level ones right under the root? – marc_s Nov 28 '12 at 13:11
  • Possible duplicate of [How can I get a list of Organizational Units from Active Directory?](https://stackoverflow.com/questions/5347096/how-can-i-get-a-list-of-organizational-units-from-active-directory) – Liam Jan 12 '18 at 15:35

2 Answers

7

Try something like this:

    using System.DirectoryServices;

    // connect to "RootDSE" to find default naming context
    DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");

    string defaultContext = rootDSE.Properties["defaultNamingContext"][0].ToString();

    // bind to default naming context - if you *know* where you want to bind to -
    // you can just use that information right away
    DirectoryEntry domainRoot = new DirectoryEntry("LDAP://" + defaultContext);

    // set up directory searcher based on default naming context entry
    DirectorySearcher ouSearcher = new DirectorySearcher(domainRoot);

    // SearchScope: OneLevel = only immediate subordinates (top-level OUs);
    // subtree = all OU's in the whole domain (can take **LONG** time!)
    ouSearcher.SearchScope = SearchScope.OneLevel;
    // ouSearcher.SearchScope = SearchScope.Subtree;

    // define properties to load - here I just get the "OU" attribute, the name of the OU
    ouSearcher.PropertiesToLoad.Add("ou");

    // define filter - only select organizational units
    ouSearcher.Filter = "(objectCategory=organizationalUnit)";

    // do search and iterate over results; dispose the result collection when done
    using (SearchResultCollection results = ouSearcher.FindAll())
    {
        foreach (SearchResult deResult in results)
        {
            string ouName = deResult.Properties["ou"][0].ToString();
        }
    }

If you have a domain name (e.g. mycompany.com), then the LDAP root domain typically will be called dc=mycompany,dc=com - that's a convention, it doesn't have to be that way though. That's why I'm connecting to the LDAP://RootDSE virtual LDAP root and I read out the property Default Naming Context which gives me the default LDAP path.

If you know where you want to connect to - feel free to skip that first step and just provide the valid LDAP path (e.g. LDAP://dc=YourCompany,dc=co,dc=jp or whatever) to create the domainRoot directory entry.

marc_s
  • @Marc: But the line `ouSearcher.SearchScope = SearchScope.OneLevel;` gives an error. The error is `CS0104: 'SearchScope' is an ambiguous reference between 'System.DirectoryServices.SearchScope' and 'System.DirectoryServices.Protocols.SearchScope'.` – Arjun babu Nov 28 '12 at 13:30
  • 3
    @SanjuMonu: **read the error message!** It clearly states what the problem is (you're referencing **two namespaces**, and both of those have a class called `SearchScope`). If you do need both namespaces - then you need to use: `SearchScope = System.DirectoryServices.SearchScope.OneLevel` ..... – marc_s Nov 28 '12 at 13:39
  • (objectClass=organizationalUnit) – VnDevil Jun 24 '18 at 08:51
4

Add a reference to System.DirectoryServices in the project

    // requires: using System.Collections.Generic; using System.DirectoryServices;
    public static List<string> ListOu()
    {
        List<string> ous = new List<string>();
        using (DirectoryEntry root = new DirectoryEntry("LDAP://dc=DOMAIN,dc=COM"))
        using (DirectorySearcher searcher = new DirectorySearcher(root))
        {
            // select organizational units in the whole subtree
            searcher.Filter = "(&(objectClass=organizationalUnit))";
            searcher.SearchScope = SearchScope.Subtree;
            searcher.PropertiesToLoad.Add("distinguishedName");

            using (SearchResultCollection result = searcher.FindAll())
            {
                foreach (SearchResult entry in result)
                {
                    // read the loaded property directly; GetDirectoryEntry() would bind again for every result
                    ous.Add(entry.Properties["distinguishedName"][0].ToString());
                }
            }
        }
        return ous;
    }
nils
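
The question starts from a DNS domain name alone. As an added example (not code from either answer), the sketch below binds to RootDSE through that name, as the first answer describes, and returns distinguished names as the second does, validating the name before it goes into the LDAP path and using a paged search. `OuLister`, `ListOus` and the domain `mycompany.com` are assumed names.

```csharp
// Added example. Assumes Windows, a project reference to System.DirectoryServices,
// and that the calling account is allowed to read the target domain.
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.Text.RegularExpressions;

public static class OuLister
{
    // Accept only DNS-style labels so caller-supplied input cannot inject
    // '/', ',' or '=' and change the ADsPath that is bound to.
    private static readonly Regex DnsName = new Regex(
        @"\A(?=.{1,253}\z)[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)*\z");

    public static List<string> ListOus(string dnsDomain)
    {
        if (dnsDomain == null || !DnsName.IsMatch(dnsDomain))
            throw new ArgumentException("Not a valid DNS domain name.", nameof(dnsDomain));

        var ous = new List<string>();
        // Ask the named domain for its naming context instead of guessing dc=...,dc=...
        using (var rootDse = new DirectoryEntry("LDAP://" + dnsDomain + "/RootDSE"))
        {
            string context = rootDse.Properties["defaultNamingContext"][0].ToString();
            using (var domainRoot = new DirectoryEntry("LDAP://" + dnsDomain + "/" + context))
            using (var searcher = new DirectorySearcher(domainRoot))
            {
                searcher.Filter = "(objectCategory=organizationalUnit)";
                // Fully qualified to avoid CS0104 when System.DirectoryServices.Protocols is also imported.
                searcher.SearchScope = System.DirectoryServices.SearchScope.Subtree;
                searcher.PageSize = 1000; // paged search; without it the server's result limit truncates the list
                searcher.PropertiesToLoad.Add("distinguishedName");
                using (SearchResultCollection results = searcher.FindAll())
                {
                    foreach (SearchResult result in results)
                        ous.Add(result.Properties["distinguishedName"][0].ToString());
                }
            }
        }
        return ous;
    }

    public static void Main()
    {
        foreach (string dn in ListOus("mycompany.com")) // constructed placeholder domain
            Console.WriteLine(dn);
    }
}
```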