Asked by:
List of users from Active Directory?

Question
-
User755602676 posted
Can someone please tell me how to get a listing of users and their user account numbers (in string type, or easily convertible to string type) from active directory? Sample code would be nice. I've googled this already with no success; lot's of code that claims to do it, none that I have been able to get to work.
Thanks!
Tuesday, October 14, 2008 3:40 PM
All replies
-
User-349297501 posted
With this code, you can search an active directory create a list of usernames, if you need more propertys,build a struct, and fill a list with this structs.
DirectoryEntry domain1; DirectorySearcher searcher1; List<string> lista1 = new List<string>(); dominio = new DirectoryEntry("LDAP://test.com/DC=dept1,DC=com", "domainadmin", "12345", AuthenticationTypes.ReadonlyServer); searcher1= new DirectorySearcher("(&(objectCategory=Person)(objectClass=user)"); searcher1.SearchRoot = domain1; searcher1.SearchScope = SearchScope.Subtree; SearchResultCollection results1; results1= searcher1.FindAll(); for (int i = 0; i < results1.Count; i++) { lista1 .Add(results1[i].Properties["samaccountname"][0].ToString()); }
Tuesday, October 14, 2008 4:02 PM -
User755602676 posted
Thank you! Any chance you might have this in vb.net? I can translate most of it, but I don't know how to translate the <string> thing.
Also, how would I find out what to put in the green part? I take it that that part needs to be customized to my AD environment?
Tuesday, October 14, 2008 8:44 PM -
User-349297501 posted
yes, the green part is the connection string to ldap or active directory that you will use.
You need the active directory server and OU of your domain, a user and a password, minimum with readonly, a common user it's enought to extract the user list.
the list<string> in c# to vb.net :
Dim stringlist As New System.Collections.Generic.List(Of String)()
where the <string> translate like (Of String), because is a generic list.
I hope this can help you .
Wednesday, October 15, 2008 2:10 PM -
User755602676 posted
Thank you for your continued help!
I translated it to vb like this (you have an item called "dominio" in your c# that I think you meant to be domain1?). My questions follow:
Dim Domain1 As DirectoryEntry = New DirectoryEntry("LDAP://test.com/DC=dept1,DC=com", "domainadmin", "12345", AuthenticationTypes.ReadonlyServer)
Dim Searcher1 As DirectorySearcher = New DirectorySearcher("(&(objectCategory=Person)(objectClass=user)")
Dim Lista1 As New System.Collections.Generic.List(Of String)()Searcher1.SearchRoot = Domain1
Dim Results1 As New SearchResultCollection
Searcher1.SearchScope = SearchScope.Subtree
Results1 = Searcher1.FindAll() For i As Integer = 0 To Results1.Count
Lista1.Add(Results1(i).Properties("samaccountname")(0).ToString())
NextI have these questions, if you don't mind:
1. VS is complaining about the Dim Results1 statement with a blue squiggly under Results1 that says that "Type 'System.DirectoryServices.SearchResultCollection' has no constructors". I've tried rearranging that statement in every possible syntax I can think of, but that hasn't helped. Do you know what the problem is?
2. Do you know how I can find out what the "active directory server and ou of my domain" is? And how do I arrange that in the code?
3. What account do I put in for "somaccountname"? How can find a list of eligible accounts?
Thanks again.
Tuesday, October 21, 2008 6:08 PM -
User755602676 posted
Never mind my first question about the Dim Results1 statement. I fixed that. But if you could please answer questions 2 and 3, that would help. thanks again.
Tuesday, October 21, 2008 6:20 PM -
User-349297501 posted
if you machine or server are already using active directory, then you can use directly without using a connection string like this:
DirectorySearcher searcher = new System.DirectoryServices.DirectorySearcher("(samaccountname=johndoe)"); SearchResult result=searcher.FindOne(); DirectoryEntry dentry= result.GetDirectoryEntry(); string fullname=dentry.Properties["displayName"].Value.ToString();
in this case, the samAccountname is the short name o domain user that you are searching, if you need for example, searching all that star with the letter B, you can define a filter in the searcher:
searcher.Filter = ("(&(objectCategory=person)(objectClass=user)(sAMAccountName=B*"))");
and interate the results:
System.DirectoryServices.SearchResultCollection userlist= searcher.FindAll();
for(int i=0;i<userlist.Count;i++)
{
userlist[i].Properties["displayName"].ToString();
}There area a lot of properties in the activedirectory for example:
TelephoneNumber,IPphone,Mobile ,Department,manager,employeeId,displayName,Name,givenName
But, you need to check with your active directory admin, in other way, you can extract the properties names with this code snippet:
List<string> propnames = new List<string>(); System.DirectoryServices.PropertyCollection colprop; foreach(System.DirectoryServices.PropertyValueCollection elem in dentry.Properties) { propnames.Add(elem.PropertyName); }
And check the contect of the string list to view what properties area available.
Wednesday, October 22, 2008 1:49 PM -
User755602676 posted
thank you so much for your help.
Thursday, October 23, 2008 6:43 PM -
User830388994 posted
I am trying to traverse through a active directory group in classic asp.
example
obj1 = getobject("LDAP://CN=name,DC=,DC=com")
Dim memName = "test"
for each memebr in obj1.members
if (memName = obj1.name) then
flag = 1
else
flag = 0
end if
nextit doesn't work. I am trying ti compare the members of "obj1" group to "test". I am not sure what property I need to use to retrieve the member name from an active directory group.
Please help me.
Thanks,
Niru
Wednesday, October 29, 2008 11:55 PM -
User-2079787324 posted
try this
Dim ADEntry As New System.DirectoryServices.DirectoryEntry("WinNT://domainname") '"LDAP://domainname") '"WinNT://" & a(0) & "/" & a(1)) Dim adsUser As DirectoryEntry Dim i As Int32 = 0 For Each adsUser In ADEntry.Children If adsUser.SchemaClassName = "User" Then ListBox1.Items.Add(New ListItem(adsUser.Properties("FullName").Value.ToString, adsUser.Name.ToString)) End If Next
Thursday, July 1, 2010 8:50 AM -
User1309392347 posted
Yes, Thanks!!! Finally I found what I needed. I have been trying to find some help with this for two days now. I have tried so many different solutions, but too no avail. Based on my active directory groups setup, nothing worked for me. My users are assigned to a group in AD, but the users do not appear in that group. However, this code was able to help me retrieve all users in AD.
Thanks again darkzen for your help!!!
CDS
Wednesday, July 20, 2011 3:50 PM -
Monday, September 26, 2011 5:53 AM
-
User-470152798 posted
Hello, i like to get all list of active users who connected to server / domain. some of my colleagues left the job even there user id are being displayed on the active directory so i would like to remove those who are not working present from active directory, and i want list of all users to display.
can you develop the code?
thank you in advance!
Thursday, February 16, 2017 2:30 AM -
User753101303 posted
Hi,
Please avoid to post to a very old thread, create a new one instead. Here, it should be quite easy to use https://msdn.microsoft.com/en-us/library/system.directoryservices.accountmanagement.userprincipal.findbylogontime(v=vs.110).aspx to list all accounts not used since few months...
It still seems to me it should be as best a check list and that it shouldn't replace having the proper leave management process in place (and I would never take any action jsut based oin this info).
Friday, March 17, 2017 4:31 PM