C# against Active Directory over LDAP


Solution 1

When connecting to AD using the .NET Framework, you can use "serverless" binding or you can specify a server to use every time (server bound).

Here's an example of using both:

// requires: using System.DirectoryServices;
// serverless
DirectoryEntry rootConfig = new DirectoryEntry("LDAP://dc=domainname,dc=com");

// server bound
DirectoryEntry rootEntry = new DirectoryEntry("LDAP://domainControllerName/dc=domainName,dc=com");

I think where you were going astray is you forgot to include the FQDN for your domain on the end. Hope this helps.

Solution 2

Yes - RootDSE is not a container - but it holds a number of interesting properties which you can query for - e.g. the name of your domain controller(s).

You can check these out by using code like this:

DirectoryEntry deRoot = new DirectoryEntry("LDAP://RootDSE");

if (deRoot != null)
{
  Console.WriteLine("Default naming context: " + deRoot.Properties["defaultNamingContext"].Value);
  Console.WriteLine("Server name: " + deRoot.Properties["serverName"].Value);
  Console.WriteLine("DNS host name: " + deRoot.Properties["dnsHostName"].Value);

  Console.WriteLine();
  Console.WriteLine("Additional properties:");
  foreach (string propName in deRoot.Properties.PropertyNames)
    Console.Write(propName + ", ");
  Console.WriteLine();
}

Or save yourself the trouble and go grab my "Beavertail ADSI Browser" in C# source code - shows in detail how to connect to RootDSE and what it offers.

Author by

78lro

Updated on May 22, 2020

Comments

  • 78lro
    78lro about 4 years

    I'm coding some C# against Active Directory and have tried endlessly to get this to work to no avail. The following code works and the code that follows it does not:

    The code below is using "WinNT://" + Environment.MachineName + ",Computer" to make the connection and works fine.

       DirectoryEntry localMachine = new DirectoryEntry
            ("WinNT://" + Environment.MachineName + ",Computer");
    
        DirectoryEntry admGroup = localMachine.Children.Find
            ("Administrators", "group");
    
        object members = admGroup.Invoke("members", null);
    
        foreach (object groupMember in (IEnumerable)members)
        {
            DirectoryEntry member = new DirectoryEntry(groupMember);
            output.RenderBeginTag("p");
            output.Write(member.Name.ToString());
            output.RenderEndTag(); // close the <p> opened above
        }
    
    
    
        base.Render(output);
    

    I'm now trying to change the line:

    "WinNT://" + Environment.MachineName + ",Computer"
    

    to

    "LDAP://MyDomainControllerName"
    

    but it seems no matter what value I try in place of the value 'MyDomainControllerName' it won't work.

    To get the 'MyDomainControllerName' value I right clicked on MyComputer and copied the computer name value as suggested elsewhere but this didn't work.


    When I try using the LDAP://RootDSE option above it results in the following error:

    The Active Directory object located at the path LDAP://RootDSE is not a container

    Is this a problem with the member methods as you mention?

  • 78lro
    78lro over 15 years
    When I right click on my computer and look at the computer name it appears that it is mypc.domain.net - so I tried LDAP://dc=domain,dc=net and I tried LDAP://mypc/dc=domain,dc=net and for both I get an error telling me that An invalid dn syntax has been specified. All the best