0

Pretty new to using LDAP, and C# in general, and I did more than a few searches, but most of my attempted fixes have led nowhere.

I am pulling information from the LDAP. Everything works, except I can only pull the memberOf information if I am explicit in which array number I want. Attempts to use a foreach, or a for statement have led nowhere. I know I am probably missing something simple, but I figured I should just ask.

// requires: using System; using System.DirectoryServices;
public static String FindOther(String userAccount)
{
   // GetDirectoryEntry() is defined elsewhere and returns the search root.
   DirectoryEntry entry = GetDirectoryEntry();
   DirectorySearcher search = new DirectorySearcher(entry);
   try
   {
      // userAccount is concatenated into the filter as-is; escape it
      // (RFC 4515) if the value can come from user input.
      search.Filter = "(SAMAccountName=" + userAccount + ")";
      search.PropertiesToLoad.Add("distinguishedName");
      search.PropertiesToLoad.Add("displayName");
      search.PropertiesToLoad.Add("mail");
      search.PropertiesToLoad.Add("CN");
      search.PropertiesToLoad.Add("Title");
      search.PropertiesToLoad.Add("sn");
      search.PropertiesToLoad.Add("givenname");
      search.PropertiesToLoad.Add("telephoneNumber");
      search.PropertiesToLoad.Add("memberOf");
      SearchResult result = search.FindOne();

      if (result != null)
      {
         // memberOf is multi-valued; only the values at the explicit
         // indexes 0 and 1 are read here.
         return
            "Results for " + userAccount + "\n" +
            " DistinguishedName..: " + result.Properties["distinguishedName"][0].ToString() + "\n" +
            " Displayname........: " + result.Properties["displayname"][0].ToString() + "\n" +
            " eMail..............: " + result.Properties["mail"][0].ToString() + "\n" +
            " Common Name........: " + result.Properties["CN"][0].ToString() + "\n" +
            " Title..............: " + result.Properties["Title"][0].ToString() + "\n" +
            " Last Name..........: " + result.Properties["sn"][0].ToString() + "\n" +
            " First Name.........: " + result.Properties["givenname"][0].ToString() + "\n" +
            " Telephone..........: " + result.Properties["telephoneNumber"][0].ToString() + "\n" +
            " Member Of..........: " + result.Properties["memberOf"][0].ToString() + "\n" +
            " Member Of..........: " + result.Properties["memberOf"][1].ToString() + "\n" +
            "End Transmission" + "\n";
      }
      else
      {
         return "Object not found... User ID: " + userAccount;
      }
   }
   catch (Exception ex)
   {
      return "Big Ol Error: " + ex.Message + " User ID: " + userAccount;
   }
}

Thank you all for any help you could provide.

Gustavo Mori
Kveld Ulf

2 Answers

2

You can enumerate through a PropertyCollection this way:

   string Ret = string.Empty;
   ...
   foreach(object memberOf in result.Properties["memberOf"])
   {
      Ret += " Member Of..........: " + memberOf.ToString() + "\n";
   }

ThoWoi
  • This worked perfectly once I was smart enough to put it after the SearchResult, before the if(result!=null), and add the +Ret in the return. Thank you very much!! – Kveld Ulf May 22 '13 at 12:47
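
An added example (not code from any of the posts on this page) that pairs the enumeration shown in the answer above with two checks the question's method lacks: RFC 4515 escaping of the account name before it goes into the search filter, and a formatter that tolerates an attribute with no values instead of indexing [0]. The class and method names are hypothetical, and the sample DNs and account name are constructed; FormatValues accepts any IEnumerable, which includes result.Properties["memberOf"].

```csharp
using System;
using System.Collections;
using System.Text;

public static class LdapReportHelpers
{
    // RFC 4515 escaping for a value placed inside a search filter, so that a
    // user-supplied account name cannot change the filter's structure.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c);      break;
            }
        }
        return sb.ToString();
    }

    // Emits one report line per value. An attribute the entry does not have
    // comes back as an empty collection, where [0] would throw; here it
    // produces a "(none)" line instead.
    public static string FormatValues(string label, IEnumerable values)
    {
        var sb = new StringBuilder();
        if (values != null)
            foreach (object v in values)
                sb.Append(label).Append(v).Append('\n');
        return sb.Length > 0 ? sb.ToString() : label + "(none)\n";
    }

    public static void Main()
    {
        // Constructed sample data standing in for result.Properties["memberOf"].
        string[] memberOf = { "CN=Staff,OU=Groups,DC=example,DC=com",
                              "CN=VPN Users,OU=Groups,DC=example,DC=com" };
        Console.Write(FormatValues(" Member Of..........: ", memberOf));
        Console.Write(FormatValues(" Telephone..........: ", new string[0]));
        Console.WriteLine("(sAMAccountName=" + EscapeFilterValue("j.doe*(test)") + ")");
    }
}
```

The last line prints (sAMAccountName=j.doe\2a\28test\29), so the wildcard and parentheses are matched literally rather than parsed as filter syntax.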
1

I'm going to give a slight disclaimer here, mostly because I've never coded to Active Directory or the Lightweight Directory Access Protocol. Some of the things that I do know, is a DirectoryEntry usage recommends:

Use GetDirectoryEntry when you want to look at the live entry instead of the entry that was returned through DirectorySearcher, or when you want to invoke a method on the object that was returned.

This particular method will return the information directly from Active Directory. Where DirectorySearcher will only generate through what is currently available in the collection. I mention this, because without the collection being filled it won't generate much.

I'm not sure what type of application you're building, but Microsoft has an entire area within Microsoft Developer Network that mentions how to integrate several LDAP / AD features into an application.

I'm not sure of your entire goal, but I believe this is what you are seeking. If not let me know and I'll modify the code.

using System;
using System.DirectoryServices.AccountManagement;

class Program
{
    static void Main(string[] args)
    {
        string groupName = "Domain Users";
        string domainName = "";

        // The using blocks dispose the context and the group on every path,
        // including when the group is not found.
        using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domainName))
        using (GroupPrincipal grp = GroupPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, groupName))
        {
            if (grp != null)
            {
                // false = direct members only, no recursion into nested groups
                foreach (Principal p in grp.GetMembers(false))
                {
                    Console.WriteLine(p.SamAccountName + " - " + p.DisplayName);
                }
            }
            else
            {
                Console.WriteLine("\nWe did not find that group in that domain, perhaps the group resides in a different domain?");
            }
            Console.ReadLine();
        }
    }
}

This code was actually from a book; it was used to accomplish such a goal. But as I stated up top, I've never physically done such a task. I'm just hoping to point you in the proper direction.

Another question similar to yours can be found here, which contains good reference and answers your question I believe.

Community
Greg
  • This is fantastic, and will help me with other parts of the code that I need, but wasn't quite what I was after. However, the other answer provided worked perfectly. Thank you, though, for the resources you included!! – Kveld Ulf May 22 '13 at 12:46
  • Not a problem, just happy that helped. – Greg May 22 '13 at 15:59