3

Possible Duplicate:
How can I get DOMAIN\USER from an AD DirectoryEntry?

Here is what I have right now:

DirectoryEntry de = new DirectoryEntry("LDAP://" + domain);
SearchResult result;
DirectorySearcher search = new DirectorySearcher(de);
search.Filter = String.Format("(cn={0})", groupName);
search.PropertiesToLoad.Add("member");
result = search.FindOne();

Note that groupName (which a parameter passed into the method representing the name of the group to search in) can be a universal group, which means it might contain accounts from other domains.

Which property in the searchresultcollection should I use to find the domain the account originates from, or even better is there a webpage that has a list of all the properties available to this particular collection?

Community
  • 1
  • 1
deutschZuid
  • 1,028
  • 2
  • 15
  • 33
  • Which collection are you referring to? i don't see any reference to a `searchpropertycollection` in your code. – Alastair Pitts Nov 27 '11 at 22:28
  • It's called searchresultcollection. My apologies. Also @joshperry, that question didn't come up in the list of suggestions. The content of the question is not quite duplicate, but one of the answers does answer my question. Thanks. – deutschZuid Nov 27 '11 at 22:50
  • However, a list of properties would still be good :D – deutschZuid Nov 27 '11 at 22:53

1 Answers1

2

The distinguishedName property of any AD object should always contain the full LDAP compatible path to that object, e.g.

CN=John Doe,OU=Marketing,OU=IntlSales,DC=YourMegaCorp,DC=com

Based on that DN you can figure out the domain (DC=YourMegaCorp,DC=com) that this user came from. I don't think there's any other (default) AD attribute that would give you just the domain, though - you'll need to "crack and parse" that DN to get the info you need.

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459