List of users from Active Directory?

Question

User755602676 posted

Can someone please tell me how to get a listing of users and their user account numbers (in string type, or easily convertible to string type) from active directory? Sample code would be nice. I've googled this already with no success; lot's of code that claims to do it, none that I have been able to get to work.

Thanks!

Answer 1

User-349297501 posted

 With this code, you can search an active directory create a list of usernames, if you need more propertys,build a struct, and fill a list with this structs.

 

DirectoryEntry domain1;
DirectorySearcher searcher1;
List<string> lista1 = new List<string>();

dominio = new DirectoryEntry("LDAP://test.com/DC=dept1,DC=com", "domainadmin", "12345", AuthenticationTypes.ReadonlyServer);

searcher1= new DirectorySearcher("(&(objectCategory=Person)(objectClass=user)");
searcher1.SearchRoot = domain1;
searcher1.SearchScope = SearchScope.Subtree;
SearchResultCollection results1;
results1= searcher1.FindAll();
            for (int i = 0; i < results1.Count; i++)
            {

                lista1 .Add(results1[i].Properties["samaccountname"][0].ToString());
            }

 

 

Answer 2

User755602676 posted

Thank you! Any chance you might have this in vb.net? I can translate most of it, but I don't know how to translate the <string> thing.

 Also, how would I find out what to put in the green part? I take it that that part needs to be customized to my AD environment?

Answer 3

User-349297501 posted

 yes, the green part is the connection string to ldap or active directory that you will use.

You need the active directory server and OU of your domain, a user and a password, minimum with readonly, a common user it's enought to extract the user list.

 

 the list<string> in c# to vb.net :

Dim stringlist As New System.Collections.Generic.List(Of String)()

where the <string> translate like (Of String), because is a generic list.

I hope this can help you .

 

Answer 4

User755602676 posted

Thank you for your continued help!

I translated it to vb like this (you have an item called "dominio" in your c# that I think you meant to be domain1?). My questions follow:

Dim Domain1 As DirectoryEntry = New DirectoryEntry("LDAP://test.com/DC=dept1,DC=com", "domainadmin", "12345", AuthenticationTypes.ReadonlyServer)
Dim Searcher1 As DirectorySearcher = New DirectorySearcher("(&(objectCategory=Person)(objectClass=user)")
Dim Lista1 As New System.Collections.Generic.List(Of String)()

Searcher1.SearchRoot = Domain1
Searcher1.SearchScope = SearchScope.Subtree

Dim Results1 As New SearchResultCollection
Results1 = Searcher1.FindAll()

For i As Integer = 0 To Results1.Count
        Lista1.Add(Results1(i).Properties("samaccountname")(0).ToString())
Next

I have these questions, if you don't mind:

1. VS is complaining about the Dim Results1 statement with a blue squiggly under Results1 that says that "Type 'System.DirectoryServices.SearchResultCollection' has no constructors". I've tried rearranging that statement in every possible syntax I can think of, but that hasn't helped. Do you know what the problem is?

2. Do you know how I can find out what the "active directory server and ou of my domain" is? And how do I arrange that in the code?

3. What account do I put in for "somaccountname"? How can find a list of eligible accounts?

Thanks again.

Answer 5

User755602676 posted

Never mind my first question about the Dim Results1 statement. I fixed that. But if you could please answer questions 2 and 3, that would help. thanks again.

Answer 6

User-349297501 posted

 if you machine or server are already using active directory, then you can use directly without using a connection string like this:

 

DirectorySearcher searcher = new System.DirectoryServices.DirectorySearcher("(samaccountname=johndoe)");
SearchResult result=searcher.FindOne();
DirectoryEntry dentry= result.GetDirectoryEntry();
string fullname=dentry.Properties["displayName"].Value.ToString();

in this case, the samAccountname is the short name o domain user that you are searching, if you need for example, searching all that star with the letter B, you can define a filter in the searcher:

searcher.Filter = ("(&(objectCategory=person)(objectClass=user)(sAMAccountName=B*"))"); 

and interate the results:

 System.DirectoryServices.SearchResultCollection userlist=  searcher.FindAll();
 for(int i=0;i<userlist.Count;i++)
 {
    userlist[i].Properties["displayName"].ToString();
 } 

  There area a lot of properties in the activedirectory for example:

TelephoneNumber,IPphone,Mobile ,Department,manager,employeeId,displayName,Name,givenName

But, you need to check with your active directory admin, in other way, you can extract the properties names with this code snippet:

 

 List<string> propnames = new List<string>();
            System.DirectoryServices.PropertyCollection colprop;            
                foreach(System.DirectoryServices.PropertyValueCollection elem in dentry.Properties)
                {
                    propnames.Add(elem.PropertyName);
                }      

And check the contect of the string list to view what properties area available.

  

Answer 7

User755602676 posted

thank you so much for your help.

Answer 8

User830388994 posted

I am trying to traverse through a active directory group in classic asp.

example

obj1 = getobject("LDAP://CN=name,DC=,DC=com")
Dim memName = "test"

for each memebr in obj1.members
    if (memName = obj1.name) then
           flag = 1
        else
          flag = 0
        end if
next

it doesn't work. I am trying ti compare the members of "obj1" group to "test". I am not sure what property I need to use to retrieve the member name from an active directory group.

Please help me.

 

Thanks,

Niru

 

Answer 9

User-2079787324 posted

try this

 Dim ADEntry As New System.DirectoryServices.DirectoryEntry("WinNT://domainname") '"LDAP://domainname") '"WinNT://" & a(0) & "/" & a(1))

      
        Dim adsUser As DirectoryEntry
        Dim i As Int32 = 0
        For Each adsUser In ADEntry.Children

            If adsUser.SchemaClassName = "User" Then
                ListBox1.Items.Add(New ListItem(adsUser.Properties("FullName").Value.ToString, adsUser.Name.ToString))
                       
            End If
        Next
        

 

Answer 10

User1309392347 posted

Yes, Thanks!!! Finally I found what I needed.  I have been trying to find some help with this for two days now.  I have tried so many different solutions, but too no avail.  Based on my active directory groups setup, nothing worked for me.  My users are assigned to a  group in AD, but the users do not appear in that group.  However, this code was able to help me retrieve all users in AD. 

Thanks again darkzen for your help!!!

CDS

 

 

Answer 11

User-448512826 posted

Hi,

http://weblogs.asp.net/jpinquie/archive/2008/02/06/how-to-get-domain-user-information-from-active-directory-in-c.aspx

also...

http://forums.asp.net/t/1066136.aspx/1

Thanks...

Answer 12

User-470152798 posted

Hello, i like to get all list of active users who connected to server / domain. some of my  colleagues left the job even there user id are being displayed on the active directory so  i  would like to  remove those who are not  working present from active directory, and i want list of all users to display.

can you develop the code?

thank you in advance! 

Answer 13

User753101303 posted

Hi,

Please avoid to post to a very old thread, create a new one instead. Here, it should be quite easy to use https://msdn.microsoft.com/en-us/library/system.directoryservices.accountmanagement.userprincipal.findbylogontime(v=vs.110).aspx to list all accounts not used since few months...

It still seems to me it should be as best a check list and that it shouldn't replace having the proper leave management process in place (and I would never take any action jsut based oin this info).