I've to more methods using the DirectorySearcher, here is the class
using System;
using System.DirectoryServices;
using System.Configuration;
using System.Collections;
using System.Web.UI;
using System.Drawing;
using System.Data;
using System.IO;
using System.Web;
using intranet.Classes;
namespace intranet
{
/// <summary>
/// Summary description for ldap.
/// </summary>
public class ActiveDirectory
{
public ActiveDirectory()
{
//
// TODO: Add constructor logic here
//
}
/// <summary>
/// This methods checks if a user exist in the Active Directory.
/// </summary>
/// <param name="UserName">Username</param>
/// <returns>bool</returns>
public bool UserExist(string UserName)
{
DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
de.AuthenticationType = AuthenticationTypes.Secure;
try
{
DirectorySearcher ds = new DirectorySearcher(de);
//ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
if(result == null)
{
return false;
}
}
catch(Exception ex)
{
throw new Exception("Error autenticating user." + ex.Message);
}
return true;
}
/// <summary>
/// Method to validate if a user exists in the AD.
/// </summary>
/// <param name="UserName"></param>
/// <returns></returns>
/*
public bool UserExists(string UserName)
{
DirectoryEntry de = ADHelper.GetDirectoryEntry();
DirectorySearcher deSearch = new DirectorySearcher();
deSearch.SearchRoot =de;
deSearch.Filter = "(&(objectClass=user) (cn=" + UserName +"))";
SearchResultCollection results = deSearch.FindAll();
if(results.Count == 0)
{
return false;
}
else
{
return true;
}
}
*/
/// <summary>
/// Gets User details from AD like user firstname, lastname, email etc.
/// </summary>
/// <param name="UserName">username</param>
/// <returns>array</returns>
public string[] getUserDetails(string UserName)
{
DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
de.AuthenticationType = AuthenticationTypes.Secure;
string[] UserInfo = new string[3];
DirectorySearcher ds = new DirectorySearcher(de);
// ds.Filter = ("OU="+ GroupName + "");
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
try
{
if(result ==null)
{
UserInfo[0] = "Unknown";
UserInfo[1] = "Unknown";
return UserInfo;
}
}
catch(Exception ex)
{
throw new Exception("Error obtaining your details." + ex.Message);
}
UserInfo[0] =
result.GetDirectoryEntry().Properties["displayname"].Value.ToString();
UserInfo[1] =
result.GetDirectoryEntry().Properties["mail"].Value.ToString();
return UserInfo;
}
/// <summary>
/// This method checks if the logged on user is a member of a given
group in Active Directory.
/// Used to restrict access to certain area of the intranet.
/// </summary>
/// <param name="GroupName">Group name in AD</param>
/// <returns>bool</returns>
public bool IsMemberOf(string GroupName)
{
Security NTSecurity = new Security();
string UserName = NTSecurity.getLogonUser();
DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
//DirectoryEntry de = new
DirectoryEntry("LDAP://OU="+GroupName+",DC=amersham,DC=ac,DC=uk",Configur ationSettings.AppSettings["ADUser"],ConfigurationSettings.AppSettings["ADPass"]);
de.AuthenticationType = AuthenticationTypes.Secure;
try
{
DirectorySearcher ds = new
DirectorySearcher(de,"sAMAccountName="+UserName);
//ds.Filter = ("OU="+ GroupName + "");
//ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
if(result !=null)
{
return true;
}
}
catch(Exception ex)
{
throw new Exception("Access denied." + ex.Message);
}
return false;
}
}
}
"Nick Malik [Microsoft]" wrote:
Is this the only one using DirectorySearcher?
--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik
Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:FB**********************************@microsof t.com... Am using "Integrated Windows Authentication", it works fine but sometime
the
user requires to log off and log back in to avoid the error message.
I've few other method that calls the AD, only this one causing problem.
"Nick Malik [Microsoft]" wrote:
The active directory is a protected resource. Therefore, the only people
who have the right to see it are people who are in it. This means you
won't
get an empty return set from your query... you'll get an error on Bind
(which you did) because an account that doesn't have access has no right
to
bind.
What authentication mechanism is your app using? Do you allow anonymous
users?
--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik
Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:E3**********************************@microsof t.com...
> Nick thanks for your response.. the error message is shown below. Am
> trying
> to get Email Address, Displayname from the active directory passing
> username
> as the parameter.. do you think my method is wrong?? please help..
> many
> thanks again
>
> [COMException (0x80072020): An operations error occurred]
> System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail)
> +705
> System.DirectoryServices.DirectoryEntry.Bind() +10
> System.DirectoryServices.DirectoryEntry.get_AdsObj ect() +10
> System.DirectoryServices.DirectorySearcher.FindAll (Boolean
> findMoreThanOne) +199
> System.DirectoryServices.DirectorySearcher.FindOne () +31
> frs.ActiveDirectory.getUserDetails(String UserName) in
> c:\inetpub\wwwroot\buildingservices\frs\classes\ac tivedirectory.cs:57
> frs.request.Page_Load(Object sender, EventArgs e) in
> c:\inetpub\wwwroot\buildingservices\frs\request.as px.cs:50
> System.Web.UI.Control.OnLoad(EventArgs e) +67
> System.Web.UI.Control.LoadRecursive() +35
> System.Web.UI.Page.ProcessRequestMain() +750
>
>
>
> "Nick Malik [Microsoft]" wrote:
>
>> COM exception is the type of error, not the error itself. Please post
>> the
>> error itself...
>> And put a Try-Catch around your code!
>>
>> It's probably an error with the parameters.
>>
>> --
>> --- Nick Malik [Microsoft]
>> MCSD, CFPS, Certified Scrummaster
>> http://blogs.msdn.com/nickmalik
>>
>> Disclaimer: Opinions expressed in this forum are my own, and not
>> representative of my employer.
>> I do not answer questions on behalf of my employer. I'm just a
>> programmer helping programmers.
>> --
>> "huzz" <hu**@discussions.microsoft.com> wrote in message
>> news:C9**********************************@microsof t.com...
>> >I have web application that quaries the Active Directory to get user
>> > details.. everything works fine but someday I'll get
>> > System.Runtime.InteropServices.COMExection and if I restart the
>> > client
>> > machine then it works again.
>> >
>> > here is one of the method where am calling the AD
>> >
>> > public bool UserExist(string UserName)
>> > {
>> >
>> > DirectoryEntry de = new
>> > DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
>> > DirectorySearcher ds = new DirectorySearcher(de);
>> > ds.Filter = ("ObjectCategory=user");
>> > ds.Filter = ("samaccountname="+ UserName + "");
>> > SearchResult result = ds.FindOne();
>> > bool UserExist;
>> > if(result != null)
>> > {
>> > UserExist = true;
>> > }
>> > else
>> > {
>> > UserExist = false;
>> > }
>> > return UserExist;
>> > }
>> >
>> > Please help
>>
>>
>>