Something like the code example below should work. Some key things to
mention:

1) ASP.NET does not have access to the domain's Active Directory. You need to
create a domain user, with minimal permissions, which the app can then use
to perform LDAP queries: this would be used to set the ldapUser and
ldapPassword noted in the code below.

2) You will obviously need to store the username and password noted above, so
they should be encrypted to keep someone from misusing the account.

3) You need to know the name of your AD domain to format the ldapPath
properly. If your domain was "mycompany.net", the format of the ldapPath
would be something like "LDAP://DC=mycompany,DC=net". See the Active
Directory docs or at least the doc for framework classes such as
DirectoryEntry for more info.

Hope this helps.

Imports System.Security.Principal
Imports System.DirectoryServices

Friend Class MySearcher

    ' Connection settings: load these from (encrypted) configuration
    Private ldapPath, ldapUser, ldapPassword As String
    ' Results of the lookup; these would be something like class properties
    Private myUserName, myFirstName, myMiddleName, myLastName As String
    Private myCompany, myDepartment, myTitle, myEmail, myPhone As String

    Public Sub DoSearch()
        ' Need to get or set ldapPath, ldapUser and ldapPassword
        Dim de As DirectoryEntry = New DirectoryEntry(ldapPath, ldapUser, ldapPassword)
        Dim searcher As DirectorySearcher = New DirectorySearcher(de)

        ' Parse domain\user to get just the user.
        ' WindowsIdentity.GetCurrent is the account this thread runs as
        ' (the logged-on user only when impersonation is enabled).
        Dim domainUserName As String = WindowsIdentity.GetCurrent.Name
        Dim myID As String = domainUserName.Substring(domainUserName.IndexOf("\") + 1)
        searcher.Filter = String.Format("(SAMAccountName={0})", myID)

        Dim sr As SearchResult = searcher.FindOne
        If Not (sr Is Nothing) Then
            ' "my" objects below would be something like class properties
            myUserName = GetAdProperty(sr, "SAMAccountName")
            myFirstName = GetAdProperty(sr, "givenname")
            myMiddleName = GetAdProperty(sr, "middlename")
            myLastName = GetAdProperty(sr, "sn")
            myCompany = GetAdProperty(sr, "company")
            myDepartment = GetAdProperty(sr, "department")
            myTitle = GetAdProperty(sr, "title")
            myEmail = GetAdProperty(sr, "mail")
            myPhone = GetAdProperty(sr, "telephonenumber")
            ' more properties are available....just some examples of typical ones
        End If
    End Sub

    '**************************************
    ' Helper function to get the value in the AD property
    ' (returns "" when the property is missing from the result)
    Private Function GetAdProperty(ByVal sr As SearchResult, ByVal propertyName As String) As String
        Try
            Return sr.Properties(propertyName)(0).ToString
        Catch ex As Exception
            Return ""
        End Try
    End Function

End Class

<pt******@hotmail.com> wrote in message
news:11**********************@l41g2000cwc.googlegroups.com...
I want to do an AD lookup of the current logged on user. From ASP.NET
I can get the identity name of the user in the form of
"<domain>\<user>". How do I perform an AD search based on that
information using the syntax "LDAP://"?
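
An added example, not part of the original post: helpers that build the ldapPath from a DNS domain name as in point 3 of the reply, and build the sAMAccountName filter with the value escaped per RFC 4515, so a name containing filter metacharacters cannot change the query. The module and function names are hypothetical and the sample inputs are constructed.

```vb
Imports System
Imports System.Collections.Generic
Imports System.Text

' Added example; the module and function names are hypothetical.
Public Module LdapLookupHelpers

    ' Turns a DNS domain name ("mycompany.net") into the LDAP:// path form from point 3.
    Public Function BuildLdapPath(ByVal dnsDomain As String) As String
        Dim parts As New List(Of String)
        For Each label As String In dnsDomain.Trim().Split("."c)
            If label.Length = 0 Then
                Throw New ArgumentException("Empty label in domain name.", "dnsDomain")
            End If
            parts.Add("DC=" & label)
        Next
        Return "LDAP://" & String.Join(",", parts.ToArray())
    End Function

    ' Escapes the characters RFC 4515 reserves in a filter value: \ * ( ) and NUL.
    Public Function EscapeLdapFilterValue(ByVal value As String) As String
        Dim sb As New StringBuilder()
        For Each c As Char In value
            If "\*()".IndexOf(c) >= 0 OrElse c = ChrW(0) Then
                sb.Append("\"c).Append(AscW(c).ToString("x2"))
            Else
                sb.Append(c)
            End If
        Next
        Return sb.ToString()
    End Function

    ' Builds the sAMAccountName filter from a "domain\user" identity name.
    Public Function BuildUserFilter(ByVal identityName As String) As String
        Dim account As String = identityName.Substring(identityName.IndexOf("\"c) + 1)
        Return String.Format("(sAMAccountName={0})", EscapeLdapFilterValue(account))
    End Function

    Public Sub Main()
        ' Constructed sample inputs, not real accounts.
        Console.WriteLine(BuildLdapPath("mycompany.net"))
        Console.WriteLine(BuildUserFilter("MYCOMPANY\jsmith"))
        Console.WriteLine(BuildUserFilter("MYCOMPANY\j*smith)(mail=*"))
    End Sub

End Module
```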