Question on updating AD property from SharePoint


  • I'm creating a webpart that lets users update some of their Active Directory properties. I'm making user of the System.DirectoryServices.DirectoryEntry object to search for the user based on the username and then update his property.

    What I want to know is under what user does the DirectoryEntry object connect to the AD when I create an instance of it using: DirectoryEntry search = new DirectoryEntry("LDAP://"); Does it use the credentails the app pool is running under? Is there a way to output the user name its connecting as?

    Thursday, May 21, 2009 5:03 PM

All replies

  • Hi shehan,

    Instead of using:
    DirectoryEntry search = new DirectoryEntry("LDAP://");
    try the following code:
    DirectoryEntry search = new DirectoryEntry("LDAP://", txtAccountName, txtPassword);
    you will access directly the user you want to change his properties.
    Thursday, May 21, 2009 5:30 PM
  • Thanks for replying, but unfortunately the requirements are such that the user should not provide his user name and password. I'm able to perform a search in the AD using  DirectoryEntry("LDAP://") I just need to know under what account its connecting to the AD. 
    Thursday, May 21, 2009 5:37 PM
  • When no user name or password you are binding as a LDAP "anonymous user". This is not integrated security or impersonation.
    Thursday, May 21, 2009 7:43 PM
  • Hi,

    We have a custom webpart for user password management in AD. In this WP we use an approach similar to the one suggested by Nassimos, using a constructor of the DirectoryEntry that has username and password parameters. In our case it is a technical (service) user that has right to set user AD properties. The credentials for the user can be stored in SSO  (in case of MOSS) or encrypted in a custom config section (in case of WSS or MOSS).

    There is no need for the interactive user to provide her / his credential on the UI for AD access.

    Friday, May 22, 2009 9:22 PM
  • If the user is already logged in, you know who the user is,,,  Bamboo has a cool tool.... here is another Active Directory Toolkit for SharePoint on codeplex with the source code available for download....

    Hve Fun :)


    Ivan Sanders
    Saturday, May 23, 2009 2:46 PM