locked
Help with tweking, optimize code in a user info page. RRS feed

  • Question

  • User-2079623988 posted

    Hello Asp.net

    First code ex works fine in my company. But the other code I have a problem with. First I want it to work (problem with security)  and secoundly I want it more optimize, dont think my way is the best (see second code)...

    Perhaps changing the first code ex to get exact user info from AD .

    *******************************

    private void Page_Load(object sender, System.EventArgs e)

    {

            if(!Page.IsPostBack)

            {

                string adPath = "LDAP://server/DC=company,DC=com";

                string sFilter = String.Format("(&(objectClass=user)(objectCategory=person)(sAMAccountName={0}))", User.Identity.Name.Split(new char[]{'\\'})[1]);

     

                DirectoryEntry de = new DirectoryEntry(adPath);

                //Optionally provide credentials to get to domain

                //de.Username = "company\\user";

                //de.Password = "pass";

                de.AuthenticationType = AuthenticationTypes.Secure;

     

                DirectorySearcher ds = new DirectorySearcher(de, sFilter);

                string prop = "displayName"; //this is what we will get

     

                SearchResult sr = ds.FindOne();

                if(sr != null)

                {

                    msg.Text = String.Format("{0} : {1}", prop, sr.Properties[prop][0]);

                }

            }

    }
    *************************************************

     

     

    Problem with this.....

    ***********************************************

    private void Page_Load(object sender, System.EventArgs e)

    {

            if(!Page.IsPostBack)

            {

                string adPath = "LDAP://server/DC=company,DC=com";


               


                string sFilter = String.Format("(&(objectClass=user)(objectCategory=person)(sAMAccountName={0}))", User.Identity.Name.Split(new char[]{'\\'})[1]);

                string[] attribs = new string[]{"cn","givenname","sn","telephonenumber","mobile","mail","description"};

                DirectoryEntry de = new DirectoryEntry(adPath);

     


                    //de.Username = "company\\user";

                    //de.Password = "pass";


                de.AuthenticationType = AuthenticationTypes.Secure;

     

                DirectorySearcher ds = new DirectorySearcher(de, sFilter,new string[]{
                "cn","givenname","sn","telephonenumber","mobile","mail","description"});

     

                SearchResult sr = ds.FindOne();

                if(sr != null)

                {

                       // optimize this!!???? the problem will be if I have to extract more and more properties from user account.

                         msg_inlogg.Text     = sr.Properties["cn"][0].ToString();
                        msg_for.Text        = sr.Properties["givenname"][0].ToString();
                        msg_efter.Text      = sr.Properties["sn"][0].ToString();
                        msg_tele.Text       = sr.Properties["telephonenumber"][0].ToString();
                        msg_mobil.Text      = sr.Properties["mobile"][0].ToString();
                        msg_epost.Text      = sr.Properties["mail"][0].ToString();
                        msg_titel.Text      = sr.Properties["description"][0].ToString();
                        msg_test.Text       = sr.Properties["description"][0].ToString();

      
                }

            }

    }
    ************************************

     

    Thanks

    Bruno E

    Thursday, April 13, 2006 5:44 AM

All replies

  • User1354132231 posted
    Well, there are a number of ways you can make your maintenance easier for this type of code.  The easiest is probably to just use a DataSet or DataView and bind the controls to the datasource.  This one layer of indirection will save you some maintenance.

    You can get your SearchResult information into a DataSet by using the FindUser method from the first post in the page.  I would then suggest that instead of programmatically binding the elements inside the DataSet to any particular control, you instead declaratively write them to match the DataSet.  This will allow you to easily update them as you add more information.

    If you were really clever, you could add the list of attributes you wished to retrieve into configuration (like appSettings in your web.config).  Then you would just update the web.config and new attributes would be searched for.  Finally, you would just update the HTML to point to the new attributes and voila! no code changes.

    Start with the first post and get it working.  Next try to parameterize the list of attributes that this method accepts to pull it from configuration.  System.Configuration.ConfigurationSettings class is going to be your friend there (there are also more advanced techniques).  Finally, check out the Data Controls forums here to see how to databind controls declaratively in your HTML (using <%# DataBinder.Eval syntax).  These three pieces will get you a long way towards what you are looking for.
    Thursday, April 13, 2006 3:02 PM
  • User-2079623988 posted

    thx, I´ll liked the way to add attributes in web.config,

    Problem now is where some user in AD has no value in some attributes, been looking at your help in "Common Patterns in System.DirectoryServices" but I only see solution when I searching for one attribut.

    ex

    DirectoryEntry entry = new DirectoryEntry(...);
    using (entry)
    {
        if (entry.Properties.Contains("sn
    "))
        {
            string lastName = entry.Properties["sn"][0].ToString();
        }
    }

     

     

    Do I have to create one for all attributes? Lets say I will find info in

    sn, mail, mobile, + more attributes and mobile does not exist.

    Hope you understand my problem.... 

    Can you point me on the right way...

     

    Tuesday, April 18, 2006 10:45 AM
  • User1354132231 posted
    Check how the FindUsers function does it.  It takes a list of attributes and iterates through them, ignoring the ones that do not have a value.  I don't hardcode for any attribute name.
    Tuesday, April 18, 2006 11:02 AM
  • User-2079623988 posted

    Made it work with FindUser. [:D]

    Thx dunnry

    Do I use FindUser() when I want to update/edit user info in AD to?? 

    any exemple I can look at?

    Thursday, April 20, 2006 4:11 AM
  • User1354132231 posted
    No, FindUser is definitely a read-only type of operation.  If you want to update through a web app, you need a solid understanding of how you want to control that.  Your biggest decision will be whether you want the update to occur through a service account or by the user's own credentials.  This will have a large design impact.

    Thursday, April 20, 2006 1:38 PM
  • User-2079623988 posted

    The user is going to update on there own credentials. They will update only attributes that they are allowed to update. Like "streetaddress" "postalcode" and so on.... Atttributs that the user can update today with ADSI Edit or outlook.

     

    Have not find any good ex on this forum about update, only reading attributes. Tried to tweak FindUser()  with

    if (sr.Properties.Contains("postalcode"))
    {
        
        user.Properties["postalcode"].Value = tb_postcode.Text;
    }
    else
    {
      
        sr.Properties["postalcode"].Add(tb_postcode.Text);
    }
    user.CommitChanges();

    but with no luck.

     

     

    Thursday, May 4, 2006 7:43 AM
  • User-2079623988 posted

    Fixed the error, my weekend is now saved!

    Be back if I get some new problems. [:)]

    Friday, May 5, 2006 7:29 AM
  • User1354132231 posted
    You might also be interested in reading this:

    http://dunnry.com/blog/SelfServiceUpdatesInActiveDirectory.aspx

    I think you are trying something similar here.
    Friday, May 5, 2006 10:45 AM