Search Exchange Server's global contacts list

Question

User-2052831651 posted

Hello,

First of all, I've looked through the previous pages and found two or three questions that deal with pretty much exactly what I'm asking here - although none of those posts have been replied to. So I'll try too.

I'm developing a web application in C# where a user can search for global contacts (the one you see under Global Contacts in Outlook when connected to the exch.server) on the Exchange server in the same network where the web page is running. I've been studying LDAP for only about a day, so I may have gotten a few of the basic concepts wrong. According to my boss, the Exchange server in our office is open (i.e. no authentication should be needed, which I think sounds a little strange).

My search function so far looks something like this:

DirectoryEntry DirEnt = new DirectoryEntry(LDAP://servername, "", "", AuthenticationTypes.Anonymous); (I've tried Secure too. Unfortunately I don't have the admin password so I seems pointless)

DirectorySearcher DirSrc = new DirectorySearcher(DirEnt);
DirSrc.Filter = "(& (mailnickname=*)(objectClass=user))";
DirSrc.SearchScope = SearchScope.Subtree;
DirSrc.PropertiesToLoad.Add("cn");

SearchResultCollection ResultCol = DirSrc.FindAll();

foreach (SearchResult Result in ResultCol)
{
   something = Result.GetDirectoryEntry().Properties["cn"][0];
}

I think it's obvious what I'm trying to do here - just list all users that have a mail nick name, which should be everyone in the global list. Maybe I've got something wrong with the search details (but all tutorials say almost the same thing), but the application throws an exception when I try: DirSrc.FindAll();

It says: An operations error occurred at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at ... So I don't really know if my filters and stuff are correct, since it won't even connect properly to the server.

I get a different message when I type the wrong server name, so at least the server is found. The standard port for LDAP (389) is open as well (I've tried to Telnet to it).

Maybe the only error is that I need an admin user name/password?

Any help appreciated.

Answer 1

User1354132231 posted
Welcome to the forums.  There are some very basic things you need to do to get code to run.  I would suggest first writing a console application before you attempt to use this in ASP.NET.  The change in security context is just going to cause you grief at this point.

To query Exchange, you should use the GC:// provider (global catalog) since that is what Exchange uses.  Use a console app and something like this:

DirectoryEntry gc = new DirectoryEntry("GC://dc=yourdomain,dc=com", null, null, AuthenticationTypes.Secure);

We always use .Secure for AD work because we want to use Negotiate and NTLM or Kerberos.  A simple bind (using .None) is not appropriate unless we are using SSL.  By passing null we are saying to use our own credentials.  On the web, this is not your credentials, but ASP.NET's, which is why I am telling you to get this working in a console app first.

Once you have a handle to your GC, perform your search:

using (gc)
{
    DirectorySearcher ds = new DirectorySearcher(gc, "(&(objectClass=user)(mail=*))");
    using (SearchResultCollection src = ds.FindAll())
    {
        foreach (SearchResult sr in src)
       {
            Console.WriteLine(sr.Properties["sAMAccountName"][0]);
       }
    }
}

We don't need to get a DirectoryEntry object for each result unless we intend on modifying the directory.  The SearchResult contains everything you need to read.

Answer 2

User2047060128 posted

Hammer - Listen to this Ryan guy. He knows his stuff. He OWNS this forum :-)