Windows Authentication User.Identity.Name to email address

Question

I have already tried to use How to obtain email address with window authentication, but a question remains:

I know how to ask for email address for John Smith, but what I get as authentication name is like INTRA\\JohnSmith3 or DEP21\\JohnSmith

How can I map INTRA\\JohnSmith3 or DEP21\\JohnSmith to the correct John Smith in AD?

score 1 · Accepted Answer · answered Nov 08 '13 at 08:39

1

What you get from Windows Authentication is the SAM Account Name. You need to look this up in Active Directory.

You can query Active Directory for users like this:

(&(objectCategory=person)(objectClass=user)(sAMAccountName=JohnSmith3))

In code:

string filter = "(&(objectCategory=person)"
     + "(objectClass=user)"
     + "(sAMAccountName=" + samAccountName + "))";
DirectorySearcher search = new DirectorySearcher(myLdapConnection);
search.Filter = filter;
SearchResult result = search.FindOne();
DirectoryEntry de = result.GetDirectoryEntry();

answered Nov 08 '13 at 08:39

Roy Dictus

32,551
8
60
76

If I omit the domain, aren't DEP21\\JohnSmith and HQ\\JohnSmith pointing to the same AD entry? – Alexander Nov 08 '13 at 09:04
The SAM Account Name does not include the domain. You can do a search where you don't do a `FindOne()` but a `FindAll()` and then filter the results on domain. To see how to find the domain of a given user, check out this other question on SO: http://stackoverflow.com/questions/4249139/c-sharp-active-directory-get-domain-name-of-user – Roy Dictus Nov 08 '13 at 09:08
So best would be to extract the domain name from the User.Identity.Name and use it to connect to the AD for that domain? – Alexander Nov 08 '13 at 09:29

Windows Authentication User.Identity.Name to email address

1 Answers1