Updated April 17, 2023
Introduction to Active Directory with C#
Active Directory with C# is first and foremost to organize computers, company users, and so on. The essential thing is a user management system which is generally used by enterprise networks and for business purposes. A company admin will use to organize the company’s entire history from the computers belongs to the network, the profile and access permissions, and so on. Active directory is a type of database like Oracle and SQL it has its own query type language and set of rules based on LDAP.
Syntax:
To access the DirectoryEntry object we required the Active Directory username, password, and server address. The server address contains the IP address or the path of LDAP looks like as the syntax as follows,
LDAP://domain_name.com/DC=domain_name,DC=com
How Active Directory works in C#?
Active Directory really helps for IT admin which helps to organize their company users, desktops and more it has entire hierarchical structure belong to which network and what the profile picture shows and who accessing the storages and so on. Most of the businesses progress their applications from desktop to web applications holding the form-based LDAP authentication. On occasion .NET applications interact with Microsoft Active Directory (AD) to retrieve the user’s list, to search out groups, to authenticate the users, and also to verify which users are in which Active Directory group. By using some approaches, we can retrieve the information from the AD database within our domain.
There are various approaches one is to make use of the LDAP (Lightweight Directory Access Protocol) it contains the classes DirectoryEntry and DirectorySearch belong to the namespace System.DirectoryServices. One more approach is to make use of the entire set of class wrappers in Active Directory (AD) under the namespace System.DirectoryServices.AccountManagement. By using the LDAP queries we can get the information from AD database. This class allows accessing the entire AD but the wrapper class allows retrieving the users, computer objects, groups in AD. The classes DirectoryEntry and DirectorySearch objects are quicker than the object System.DirectoryServices.AccountManagement.
The basic thing for Active Directory with C# includes the System.DirectoryService library, it helps to query with AD library routines. Active directory communicates through the objects of DirectoryEntry. Those objects are the most important connections to the LDAP database which we can query for additional objects and folders. To access the DirectoryEntry object we required the Active Directory username, password, and server address. The server address contains the IP address or the path of LDAP looks like as follows,
LDAP://domain_name.com/DC=domain_name,DC=com
Examples of Active Directory with C#
To connect with Active Directory for objects of DirectoryEntry, for we need to create the user of secure authenticate type which indicates the secure authenticated connection to the Active Directory. When connecting with an account of the admin we can perform the admin Active Directory functions such as creating new users, to update users, to deleting the users, and so on.
Get the DirectoryEntry of Directory object
private DirectoryEntry Reterieve_DirectoryObject( )
{
DirectoryEntry Obj_de;
Obj_de=new DirectoryEntry("LDAP://IP_Address", "admin","password", AuthenticationTypes Secure);
return _de;
}
Get the user from Active Directory in C#
Once connecting with Active Directory we need to query for an object like getting user as follows below,
private DirectoryEntry Reterieve_User(string User_Name)
{
DirectoryEntry obj_de = Reterieve_DirectoryObject( );
DirectorySearcher obj_deSearch = new DirectorySearcher();
obj_deSearch.SearchRoot = obj_de;
obj_deSearch.Filter = "(&(objectClass=user)(JOHNAccountName=" + User_Name + "))";
obj_deSearch.SearchScope = SearchScope.Subtree;
SearchResult getPath = obj_deSearch.FindOne();
if (!(getPath == null))
{
obj_de = new DirectoryEntry(getPath.Path, "administrator", "password", AuthenticationTypes.Secure);
return obj_de;
}
else
{
return null;
}
}
The above code explains how to retrieve the user from the Active Directory depends on their login credentials. We need to use a particular Active Directory query language included with parenthesis it contains the name like “JohnAccountName” and username as like in Active Directory. Once finding the DirectoryEntry next to code the new DirectoryEntry object which links to the result and to use the admin’s login details in the connection.
Create an authenticate user
To create an authenticated user for Active Directory we need to pass the valid LDAP path string to the DirectoryEntry class constructor, it follows the format of LDAP://Doamin_name. Let’s see the following method,
private bool AuthenticateUser(string domain_name, string user_name, string password)
{
bool result = false;
try
{
DirectoryEntry obj_de = new DirectoryEntry("LDAP://" + domainName, userName, password);
DirectorySearcher obj_dsearch = new DirectorySearcher(obj_de);
SearchResult _sResult = null;
sResult = obj_dsearch.FindOne();
result = true;
}
catch
{
result = false;
}
return result;
}
Alter the user details in Active Directory in C#
To alter the properties of an object of Active Directory in C# is just simple in C#, firstly to access the DirectoryEntry property fields and to alter the values as required before that to check whether it’s null or not and then finally call the function ComminChanges to execute and save the changes done. Let’s see the code below which shows that alters the user’s name property,
DirectoryEntry obj_de = Reterieve_User ("smith.rio");
if (obj_de!= null)
{
if (obj_de.Properties["displayName"] != null && obj_de.Properties["displayName"].Value != null)
{
de.Properties["displayName"].Value = "Smith, Rio (Welcome)";
de.CommitChanges();
}
}
The above code describes the CommitChanges(), which will save the changes made in the Active Directory. The most important thing is that whatever changes are made will not be immediately visible in the applications of Active Directory like users of Active Directory and computers in the control panel it takes around 5-30 minutes to visible during changes because it needs to synchronize over the servers all through the network.
Querying Multiple Users in Active Directory with C# ASP .NET
The code above explained was to query the single DirectoryEntry object, whereas if we required for the list of objects we need to use the type SearchResultCollection joined with obj_deSearch, to search out all the things instead of finding one,
SearchResultCollection findUsers = retrieve_allUsers();
if (findUsers!= null && findUsers.Count > 0)
{
foreach (SearchResult getUser in findUsers)
{
DirectoryEntry obj_de = getUser.GetDirectoryEntry();
}
}
Conclusion
In this article, I have explained about the Active Directory and how to retrieve details of users, system usage, groups, and also to authenticate the user. By using some classes, we can easily retrieve the details from the active directory (AD) database. Active Directory with C# is a foremost tool for enterprise networks and for businesses. When designing with web applications which suit for desktop applications to the web to make powerful organizations.
Recommended Articles
This is a guide to Active Directory with C#. Here we discuss the introduction and how Active Directory works in C# along with the syntax and example. You may also have a look at the following articles to learn more –