none
Question on updating AD property from SharePoint

    Question

  • I'm creating a webpart that lets users update some of their Active Directory properties. I'm making user of the System.DirectoryServices.DirectoryEntry object to search for the user based on the username and then update his property.

    What I want to know is under what user does the DirectoryEntry object connect to the AD when I create an instance of it using: DirectoryEntry search = new DirectoryEntry("LDAP://mydomain.com"); Does it use the credentails the app pool is running under? Is there a way to output the user name its connecting as?

    Thanks
    Thursday, May 21, 2009 5:03 PM

All replies

  • Hi shehan,

    Instead of using:
    DirectoryEntry search = new DirectoryEntry("LDAP://mydomain.com");
    try the following code:
    DirectoryEntry search = new DirectoryEntry("LDAP://mydomain.com", txtAccountName, txtPassword);
    you will access directly the user you want to change his properties.
    Thursday, May 21, 2009 5:30 PM
  • Thanks for replying, but unfortunately the requirements are such that the user should not provide his user name and password. I'm able to perform a search in the AD using  DirectoryEntry("LDAP://mydomain.com") I just need to know under what account its connecting to the AD. 
    Thursday, May 21, 2009 5:37 PM
  • When no user name or password you are binding as a LDAP "anonymous user". This is not integrated security or impersonation.
    http://www.certdev.com
    Thursday, May 21, 2009 7:43 PM
  • Hi,

    We have a custom webpart for user password management in AD. In this WP we use an approach similar to the one suggested by Nassimos, using a constructor of the DirectoryEntry that has username and password parameters. In our case it is a technical (service) user that has right to set user AD properties. The credentials for the user can be stored in SSO  (in case of MOSS) or encrypted in a custom config section (in case of WSS or MOSS).

    There is no need for the interactive user to provide her / his credential on the UI for AD access.

    Peter
    Friday, May 22, 2009 9:22 PM
  • If the user is already logged in, you know who the user is,,,  Bamboo has a cool tool.... http://store.bamboosolutions.com/pc-41-1-user-directory-web-part-release-14.aspx here is another Active Directory Toolkit for SharePoint on codeplex with the source code available for download.... http://adselfservice.codeplex.com/


    Hve Fun :)


    -Ivan


    Ivan Sanders http://linkedin.com/in/iasanders http://dimension-si.com/blog
    Saturday, May 23, 2009 2:46 PM