How to get Active Directory Attributes not represented by the UserPrincipal class

30,628

Solution 1

The proper way of doing it is by using PrincipalExtensions where you extend the Principal you are after and use the methods ExtensionSet and ExtensionGet as explained here.

Solution 2

In this case, you need to go one level deeper - back into the bowels of DirectoryEntry - by grabbing it from the user principal:

using (DirectoryEntry de = myUser.GetUnderlyingObject() as DirectoryEntry)
{
    if (de != null)
    {
        // Go for those attributes and do what you need to do...
        var mobile = de.Properties["mobile"].Value as string;
        var info = de.Properties["info"].Value as string;
    }
}

Solution 3

up.Mobile would be perfect, but unfortunately, there's no such method in the UserPrincipal class, so you have to switch to DirectoryEntry by calling .GetUnderlyingObject().

static void GetUserMobile(PrincipalContext ctx, string userGuid)
{
    try
    {
        UserPrincipal up = UserPrincipal.FindByIdentity(ctx, IdentityType.Guid, userGuid);
        DirectoryEntry up_de = (DirectoryEntry)up.GetUnderlyingObject();
        DirectorySearcher deSearch = new DirectorySearcher(up_de);
        deSearch.PropertiesToLoad.Add("mobile");
        SearchResultCollection results = deSearch.FindAll();
        if (results != null && results.Count > 0)
        {
            ResultPropertyCollection rpc = results[0].Properties;
            foreach (string rp in rpc.PropertyNames)
            {
                if (rp == "mobile")
                    Console.WriteLine(rpc["mobile"][0].ToString());
            }
        }
    }
    catch (Exception ex)
    {
        Console.WriteLine(ex.ToString());
    }
}

30,628

Mondyak

Updated on August 04, 2020

Comments

Mondyak almost 4 years
What I mean is that right now I am using System.DirectoryServices.AccountManagement and if I use UserPrincipal class I only see the Name, Middle Name, etc

so in my codes it like
```
UserPrincipal myUser = new UserPrincipal(pc);
myUser.Name = "aaaaaa";
myUser.SamAccountName = "aaaaaaa";
.
.
.
.
myUser.Save();
```
How would I see the attribute like mobile or info?
Mondyak over 13 years

This worked fine as a quick fix, but I am trying to avoid using Directory Entry. Thanks for the help
vapcguy over 7 years

Unfortunately, if you load a property on deSearch that has an empty value in AD, it doesn't come back in the results set and the original code doesn't check for it not being there, so it throws the exception Object reference not set to an instance of an object on that Console.WriteLine line. I submitted an edit that should do the job.
vapcguy over 7 years

Note, too, this should all be wrapped in a try...catch. If a user is sent to this function that is no longer in AD, it will also get the exception Object reference not set to an instance of an object on the DirectoryEntry instantiation - corrected this in my edit, too.
vapcguy over 7 years

Also, I don't even see "mobile" in the list of possible PropertyNames in the rootSearch of results. There is telephonenumber that might actually be what the OP is looking for. It is the same as "Phone" in the GUI form for a user in AD, but also, that is the same as up.VoiceTelephoneNumber, and so would not even require the .GetUnderlyingObject() call. But other properties likely would, so this to me, is the best solution to iterate through them all.
vapcguy over 7 years

Amazed this got so many upvotes, as it doesn't show how to implement the de object to get the properties.
Philippe over 7 years

Here is an example to get the Common-Name de.Properties["cn"].Value.ToString();
Brad almost 5 years

I like this answer much more than the accepted answer. This is a lot less involved and gets you the information you need beautifully.
Kiquenet almost 5 years

Why use DirectorySearcher? Using de.Properties ? var mobile = de.Properties["mobile"].Value as string;
Si8 over 3 years

If I want to pull some fields under "Organization" tab, how do I find the property names? Thanks.