Search Results

Search found 82 results on 4 pages for 'directoryservices'.

Page 1/4 | 1 2 3 4  | Next Page >

  • FindByIdentity in System.DirectoryServices.AccountManagment Memory Issues

    - by MVC Fanatic
    I'm working on an active directory managament application. In addition to the typical Create A New User, Enable/Disable an account, reset my password etc. it also managages application permissions for all of the clients web applications. Application management is handled by thousands of AD groups such as which are built from 3 letter codes for the application, section and site, there are also hundreds of AD groups which determine which applications and locations a coordinator can grant rights to. All of these groups in turn belong to other groups so I typically filter the groups list with the MemberOf property to find the groups that a user directly belongs to (or everyone has rights to do everything). I've made extensive use of the System.DirectoryServices.AccountManagment namespace using the FindByIdentity method in 31 places throughout the application. This method calls a private method FindPrincipalByIdentRefHelper on the internal ADStoreCtx class. A SearchResultCollection is created but not disposed so eventually typically once or twice a day the web server runs out of memory and all of the applications on the web server stop responsing until iis is reset because the resources used by the com objects aren't ever relased. There are places where I fall back to the underlying directory objects, but there are lot of places where I'm using the properties on the Principal - it's a vast improvement over using the esoteric ad property names in the .Net 2.0 Directory services code. I've contacted microsoft about the problem and it's been fixed in .Net 4.0 but they don't currently have plans to fix it in 3.5 unless there is intrest in the community about it. I only found information about it in a couple of places the MDSN documentation in the community content state's there is a memory leak at the bottom (guess I should have read that before using the the method) http://msdn.microsoft.com/en-us/library/bb345628.aspx And the class in question is internal and doesn't expose SearchResultsCollection outside the offending method so I can't get at the results to dispose them or inherit from the class and override the method. So my questions are Has anyone else encountered this problem? If so were you able to work around it? Do I have any option besides rewriting the application not using any of the .Net 3.5 active directory code? Thanks

    Read the article

  • AD - DirectoryServices: VBNET2.0 - Speaking architecture...

    - by Will Marcouiller
    I've been mandated to write an application to migrate the Active Directory access models to another environment. Here's the context: I'm stuck with VB.NET 2005 and .NET Framework 2.0; The application must use the Windows authenticated user to manage AD; The objects I have to handle are Groups, Users and OrganizationalUnits; I intend to use the Façade design pattern to provider ease of use and a fully reusable code; I plan to write a factory for each of the objects managed (group, ou, user); The use of Attributes should be useful here, I guess; As everything is about the DirectoryEntry class when accessing the AD, it seems a good candidate for generic types. Obligatory features: User creates new OUs manually; User creates new group manually; User creates new user (these users are services accounts) manually; Application reads an XML file which contains the OUs, groups and users to create; Application informs the user about the OUs, groups and users that shall be created; User specifies the domain environment where to migrate the XML input file designated objects; User makes changes if needed, and launches the task operations; Application performs required by the XML input file operations against the underlying AD as specified by the user; Application informs the user upon completion. Linear features: User fetches OUs, groups, users; User changes OUs, groups, users; User deletes OUs, groups, users; The application logs AD entries and operations performed, plus errors and exceptions; Nice-to-have features: Application rollbacks operations on error or exception. I've been working for weeks now to get acquainted with the AD and the System.DirectoryServices assembly. But I don't seem to find a way to be fully satisfied with what I'm doing and always looking for better. I have studied Bret de Smet's Linq to AD on CodePlex, but then again, I can't use it as I'm stuck with .NET 2.0, so no Linq! But I've learned about Attributes, and seen that he's working with generic types as he codes a DirectorySource class to perform the operations for OUs, groups and users. Any suggestions? Thanks for any help, code sample, ideas, architural solution, everything!

    Read the article

  • List local administrators with System.DirectoryServices.AccountManagement doesn't retrieve domain us

    - by yajohn
    I'm trying to remotely list members of the local Administrators group. The following code returns only local accounts which are members of the admin group - no domain groups or individual accounts are returned at all (BLAH\Domain Admins or BLAH\yajohn, for instance). Anyone have an idea? Public Function listLocalAdmins(ByVal machinename As String, ByVal creduname As String, ByVal credpass As String) As String Try Dim mctx As New PrincipalContext(ContextType.Machine, machinename, creduname, credpass) Dim lcladmins As GroupPrincipal = GroupPrincipal.FindByIdentity(mctx, IdentityType.Name, "Administrators") Dim pc As PrincipalCollection = lcladmins.Members Dim r As New StringBuilder For Each p As Principal In pc r.Append("Name:->" & p.Name.ToString & vbCrLf) Next Return r.ToString Catch ex As Exception Return ex.Message End Try End Function Thanks for any feedback.

    Read the article

  • How to register System.DirectoryServices for use in SQL CLR User Functions?

    - by Saul Dolgin
    I am porting an old 32-bit COM component that was written in VB6 for the purpose of reading and writing to an Active Directory server. The new solution will be in C# and will use SQL CLR user functions. The assembly that I am trying to deploy to SQL Server contains a reference to System.DirectoryServices. The project does compile without any errors but I am unable to deploy the assembly to the SQL Server because of the following error: Error: Assembly 'system.directoryservices, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a.' was not found in the SQL catalog. What are the correct steps for registering System.DirectoryServices on SQL Server?

    Read the article

  • Request a user's roles in AD when caller is not in domain

    - by grootjans
    I would like to get a user's group memberships in an ActiveDirectory, without being in the domain. When I run this inside the domain, all is well. var context = new PrincipalContext(ContextType.Domain); var principal = UserPrincipal.FindByIdentity(context, IdentityType.Name, "administrator"); foreach (var authorizationGroup in principal.GetAuthorizationGroups()) { Console.WriteLine(authorizationGroup.Name); } However, when I run outside the domain, I have to specify the PrincipalContext lie this: var context = new PrincipalContext(ContextType.Domain, "10.0.1.255", "DC=test,DC=ad,DC=be", "administrator", "password"); When I run this code, I get an exception when I execute principal.GetAuthorizationGroups(). The exception I get is: System.DirectoryServices.AccountManagement.PrincipalOperationException: Information about the domain could not be retrieved (1355). at System.DirectoryServices.AccountManagement.Utils.GetDcName(String computerName, String domainName, String siteName, Int32 flags) at System.DirectoryServices.AccountManagement.ADStoreCtx.LoadDomainInfo() at System.DirectoryServices.AccountManagement.ADStoreCtx.get_DnsDomainName() at System.DirectoryServices.AccountManagement.ADStoreCtx.GetGroupsMemberOfAZ(Principal p) at System.DirectoryServices.AccountManagement.UserPrincipal.GetAuthorizationGroupsHelper() at System.DirectoryServices.AccountManagement.UserPrincipal.GetAuthorizationGroups()

    Read the article

  • AD-DirectoryServices: .NET2.0 - Speaking architecture, approach and best practices... Suggestions?

    - by Will Marcouiller
    I've been mandated to write an application to migrate the Active Directory access models to another environment. Here's the context: I'm stuck with VB.NET 2005 and .NET Framework 2.0; The application must use the Windows authenticated user to manage AD; The objects I have to handle are Groups, Users and OrganizationalUnits; I intend to use the Façade design pattern to provider ease of use and a fully reusable code; I plan to write a factory for each of the objects managed (group, ou, user); The use of Attributes should be useful here, I guess; As everything is about the DirectoryEntry class when accessing the AD, it seems a good candidate for generic types. Obligatory features: User creates new OUs manually; User creates new group manually; User creates new user (these users are services accounts) manually; Application reads an XML file which contains the OUs, groups and users to create; Application informs the user about the OUs, groups and users that shall be created; User specifies the domain environment where to migrate the XML input file designated objects; User makes changes if needed, and launches the task operations; Application performs required by the XML input file operations against the underlying AD as specified by the user; Application informs the user upon completion. Linear features: User fetches OUs, groups, users; User changes OUs, groups, users; User deletes OUs, groups, users; The application logs AD entries and operations performed, plus errors and exceptions; Nice-to-have features: Application rollbacks operations on error or exception. I've been working for weeks now to get acquainted with the AD and the System.DirectoryServices assembly. But I don't seem to find a way to be fully satisfied with what I'm doing and always looking for better. I have studied Bret de Smet's Linq to AD on CodePlex, but then again, I can't use it as I'm stuck with .NET 2.0, so no Linq! But I've learned about Attributes, and seen that he's working with generic types as he codes a DirectorySource class to perform the operations for OUs, groups and users. I have been able to add groups to the AD; I have been able to add users to the AD; The created user is automatically disabled? I seem to get confused with the use of a LDAP path to add objects. For instance, one needs two instances of a System.DirectoryServices.DirectoryEntry class to add a group, for instance. Why this? Any suggestions? Thanks for any help, code sample, ideas, architural solution, everything!

    Read the article

  • Does a System.DirectoryServices.AccountManagement.Principal ever have a null GUID?

    - by Josh
    I have a situation where I need to store a globally unique identifier that points to an Active Directory user account. I'm leaning towards the Guid because it is easier to store than the Sid. According to the MSDN entry, the property (which is a Nullable), will always return null if the ContextType is set to "Machine." I don't need to worry about this because our ContextType will always be set to "Domain." My question is, will this property ever return null if the ContextType is "Domain"? In other words, will an account in an AD DS store always have a Guid?

    Read the article

  • DirectoryServices auth problem asp

    - by ChrisMuench
    Hello, I'm getting the following error [error] IIS://networth-web6/W3SVC/AppPools/netbasistest errorSystem.Runtime.InteropServices.COMException (0x80020006): Unknown name. (Exception from HRESULT: 0x80020006 (DISP_E_UNKNOWNNAME)) at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args) at ASP.nb_test_aspx._Render_control1(HtmlTextWriter __w, Control parameterContainer) [/error] any ideas? I know my username and password work just fine to rdp into the server. when use with this code. [code] <%@ Page Language="vb" % <%@ Import Namespace="System.Xml" % <%@ Import Namespace="System.Management" % <%@ Import Namespace="System.DirectoryServices" % <% Response.Write("") Dim AppPoolFullPath As String = "IIS://networth-web6/W3SVC/AppPools/netbasistest" Dim Username as String = "networth-web6\username" Dim Password as String = "password" Try Dim w3svc As New DirectoryEntry(AppPoolFullPath,Username,Password) w3svc.Username = Username w3svc.Password = Password w3svc.Invoke("Recycle", Nothing) Response.Write(AppPoolFullPath & "") Catch exc as exception Response.Write(AppPoolFullPath & " error"&exc.tostring()&"") End Try Response.Write("<p />-- done --") Response.Write("</BODY></HTML>") %> [/code]

    Read the article

  • System.DirectoryServices.AccountManagement functions fail to probe some machines (but not others)

    - by JCCyC
    Both the working and failing targets are machines in the same domain. Code is down below. When I use it against some machines in my domain, I get a System.DirectoryServices.AccountManagement.PrincipalOperationException with a message: "While trying to retrieve the authorization groups, an error (1332) occurred." The error is thrown by GetAuthorizationGroups(). Note: The username I use to connect is a local admin to the machine in both cases. PrincipalContext ctx = new PrincipalContext(ContextType.Machine, machineName, domainname + "\\" + adminusername, pass); List<Principal> retList = new List<Principal>(); using (var user = UserPrincipal.FindByIdentity(ctx, probedusername)) { if (user != null) { PrincipalSearchResult<Principal> groups = user.GetAuthorizationGroups(); foreach (Principal group in groups) { retList.Add(group); } } }

    Read the article

  • System.DirectoryServices.AccountManagement not working on the server

    - by mlsteeves
    I am using System.DirectoryServices.AccountManagement to find the logged-in user's AD entry. It is working great in the VS2008 WebDev server on developers machines. But when we installed the code on the development server (windows server 2008), we get an access error. Both the developer's machine and the development server are members of the same domain. We have Impersonation turned on, so we are connecting to AD with the same user credentials. What are we missing here? Why is it working on the developer's machine, but not the development server? The actual exception that we were receiving was "An operations error occurred".

    Read the article

  • DirectoryServicesCOMException when working with System.DirectoryServices.AccountManagement

    - by antik
    I'm attempting to determine whether a user is a member of a given group using System.DirectoryServices.AccountManagment. I'm doing this inside a SharePoint WebPart in SharePoint 2007 on a 64-bit system. Project targets .NET 3.5 Impersonation is enabled in the web.config. The IIS Site in question is using an IIS App Pool with a domain user configured as the identity. I am able to instantiate a PrincipalContext as such: PrincipalContext pc = new PrincipalContext(ContextType.Domain) Next, I try to grab a principal: using (PrincipalContext pc = new PrincipalContext(ContextType.Domain)) { GroupPrincipal group = GroupPrincipal.FindByIdentity(pc, "MYDOMAIN\somegroup"); // snip: exception thrown by line above. } Both the above and UserPrincipal.FindByIdentity with a user SAM throw a DirectoryServicesCOMException: "Logon failure: Unknown user name or bad password" I've tried passing in a complete SAMAccountName to either FindByIdentity (in the form of MYDOMAIN\username) or just the username with no change in behavior. I've tried executing the code with other credentials using both the HostingEnvironment.Impersonate and SPSecurity.RunWithElevatedPrivileges approaches and also experience the same result. I've also tried instantiating my context with the domain name in place: Principal Context pc = new PrincipalContext(ContextType.Domain, "MYDOMAIN"); This throws a PrincipalServerDownException: "The server could not be contacted." I'm working on a reasonably hardened server. I did not lock the system down so I am unsure exactly what has been done to it. If there are credentials I need to allocate to my pool identity's user or in the domain security policy in order for these to work, I can configure the domain accordingly. Are there any settings that would be preventing my code from running? Am I missing something in the code itself? Is this just not possible in a SharePoint web? EDIT: Given further testing, my code functions correctly when tested in a Console application targeting .NET 4.0. I targeted a different framework because I didn't have AccountManagement available to me in the console app when targeting .NET 3.5 for some reason. using (PrincipalContext pc = new PrincipalContext(ContextType.Domain)) using (UserPrincipal adUser = UserPrincipal.FindByIdentity(pc, "MYDOMAIN\joe.user")) using (GroupPrincipal adGroup = GroupPrincipal.FindByIdentity(pc, "MYDOMAIN\user group")) { if (adUser.IsMemberOf(adGroup)) { Console.WriteLine("User is a member!"); } else { Console.WriteLine("User is NOT a member."); } } What varies in my SharePoint environment that might prohibit this function from executing?

    Read the article

  • C# Active Directory - Check username / password

    - by Michael G
    I'm using the following code on Windows Vista Ultimate SP1 to query our active directory server to check the user name and password of a user on a domain. public Object IsAuthenticated() { String domainAndUsername = strDomain + @"\" + strUser; DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, strPass); SearchResult result; try { //Bind to the native AdsObject to force authentication. DirectorySearcher search = new DirectorySearcher(entry) { Filter = ("(SAMAccountName=" + strUser + ")") }; search.PropertiesToLoad.Add("givenName"); // First Name search.PropertiesToLoad.Add("sn"); // Last Name search.PropertiesToLoad.Add("cn"); // Last Name result = search.FindOne(); if (null == result) { return null; } //Update the new path to the user in the directory. _path = result.Path; _filterAttribute = (String)result.Properties["cn"][0]; } catch (Exception ex) { return new Exception("Error authenticating user. " + ex.Message); } return user; } the target is using .NET 3.5, and compiled with VS 2008 standard I'm logged in under a domain account that is a domain admin where the application is running. The code works perfectly on windows XP; but i get the following exception when running it on Vista: System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): Logon failure: unknown user name or bad password. at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) at System.DirectoryServices.DirectorySearcher.FindOne() at Chain_Of_Custody.Classes.Authentication.LdapAuthentication.IsAuthenticated() at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) at System.DirectoryServices.DirectorySearcher.FindOne() at Chain_Of_Custody.Classes.Authentication.LdapAuthentication.IsAuthenticated() I've tried changing the authentication types, I'm not sure what's going on. See also: http://stackoverflow.com/questions/290548/c-validate-a-username-and-password-against-active-directory

    Read the article

  • Extending GroupPrincipal and Members property

    - by Paolo Tedesco
    I want to extend the GroupPrincipal class to handle some custom properties: using System.DirectoryServices.AccountManagement; [DirectoryRdnPrefix("CN")] [DirectoryObjectClass("group")] public class MyGroupPrincipal : GroupPrincipal { // ... } How could I override the Members property for MyGroupPrincipal so that if it has a member that is a group an instance of MyGroupPrincipal and not of GroupPrincipal is returned? I would like to write e.g. MyGroupPrincipal group = GetGroup(); foreach (var m in group.Members) { if (m is MyGroupPrincipal) { // always fails: m is a normal GroupPrincipal // do something } }

    Read the article

  • SetPassword is very slow

    - by bja
    Hi We are experiencing a performance problem when communicating with the active directory using System.DirectoryServices. DirectoryEntry.Invoke("SetPassword", new object[] { password }) sometimes takes 15 seconds. The Service that makes the call is running on the same machine. What could make it that slow? Cheers, bja

    Read the article

  • LDAP in medium trust

    - by eych
    I've have a solution with one website and several projects. The projects all have the AllowPartiallyTrustedCallers attribute and are strongly-named. The site works in full trust. However, after set the trust to medium, I get the System.Security.SecurityException: Request failed. error as soon as I browse to the site. In my projects, I have calls to LogOnUser, as well as many calls to variousSystem.DirectoryServices.AccountManagement methods. Can this site run with medium trust or do I have to have full trust for all the LDAP calls? As I mentioned, I've set the AllowPartiallyTrustedCallers attribute on all projects. Not sure what else to do. Also, I have no idea what/where the error is being generated. The event logs on the server have nothing in regards to this SecurityException. Is there any way to find out what the error location is so maybe I can attempt to rewrite some code? [running .NET 4.0 on Win2k8R2]

    Read the article

  • Find Group size in active directory

    - by Ilya Biryukov
    Hey I have the following code. I get a directory entry for a user (strpath). And then I get the groups where the user is listed. How can I get the number of users in each group? DirectoryEntry myDE = new System.DirectoryServices.DirectoryEntry(strpath); object obGroups = myDE.Invoke("Groups"); foreach (object ob in (IEnumerable)obGroups) { DirectoryEntry obGpEntry = new DirectoryEntry(ob); GroupsListBox.Items.Add(obGpEntry.Name ); }

    Read the article

  • LDAP Query with sub result

    - by StefanE
    I have been banging my head for quite a while with this and can't get it to work. I have a LDAP Query I do have working in AD Users and Computers but dont know how to do it programatically in C#. Here are my LDAP Query that works fine in the AD Tool: (memberOf=CN=AccRght,OU=Groups,OU=P,OU=Server,DC=mydomain,DC=com)(objectCategory=user)(objectClass=user)(l=City) I have used this code to get the user accounts to get members of CN=AccRght but I'm not succeeding on limiting users belonging to a specific city. public StringCollection GetGroupMembers(string strDomain, string strGroup) { StringCollection groupMemebers = new StringCollection(); try { DirectoryEntry ent = new DirectoryEntry("LDAP://DC=" + strDomain + ",DC=com"); DirectorySearcher srch = new DirectorySearcher("(CN=" + strGroup + ")"); SearchResultCollection coll = srch.FindAll(); foreach (SearchResult rs in coll) { ResultPropertyCollection resultPropColl = rs.Properties; foreach( Object memberColl in resultPropColl["member"]) { DirectoryEntry gpMemberEntry = new DirectoryEntry("LDAP://" + memberColl); System.DirectoryServices.PropertyCollection userProps = gpMemberEntry.Properties; object obVal = userProps["sAMAccountName"].Value; if (null != obVal) { groupMemebers.Add(obVal.ToString()); } } } } catch (Exception ex) { Console.Write(ex.Message); } return groupMemebers; } Thanks for any help!

    Read the article

  • Unable to get ncName and netBIOSName Properties

    - by Randz
    I've some code on the net regarding retrieval of NetBIOSName (Pre-windows 2000 domain name) of an Active Directory Domain. Here's my code sample: Me._rootDSE = New System.DirectoryServices.DirectoryEntry("GC://RootDSE", "", "") Dim results As System.DirectoryServices.SearchResultCollection = Nothing Dim ADSPath As String = "GC://CN=Partitions," + Me._rootDSE.Properties("configurationNamingContext").Value.ToString() Dim adse As System.DirectoryServices.DirectoryEntry = New System.DirectoryServices.DirectoryEntry(ADSPath, "", "") Dim searcher As System.DirectoryServices.DirectorySearcher searcher = New System.DirectoryServices.DirectorySearcher(adse) searcher.SearchScope = DirectoryServices.SearchScope.OneLevel searcher.Filter = "(&(objectClass=crossRef)(systemflags=3))" searcher.PropertiesToLoad.Add("netbiosname") searcher.PropertiesToLoad.Add("ncname") results = searcher.FindAll() If results.Count > 0 Then For Each sr As System.DirectoryServices.SearchResult In results Dim de As System.DirectoryServices.DirectoryEntry = sr.GetDirectoryEntry() 'netbiosname and ncname properties returns nothing System.Diagnostics.Trace.WriteLine(sr.GetDirectoryEntry().Properties("netbiosname").Value.ToString()) System.Diagnostics.Trace.WriteLine(sr.GetDirectoryEntry().Properties("ncname").Value.ToString()) Next End If When I am using the "(&(objectClass=crossRef)(systemFlags=3))" filter, I am not getting any result, but when I removed the systemFlags filter, I get some results. However, on the search results that I got, I still cannot access the values of ncName and NetBIOSName properties. I can get other properties like distinguishedName and CN of the search result properly. Any idea on what I might be doing wrong, or where to look further?

    Read the article

  • A single AD user can't log into a single Mac bound to the domain (DirectoryServices error). How can I resolve this?

    - by Ben Wyatt
    On our campus, we have about 60 Macs joined to our Active Directory domain. Most users have no problems logging into Macs, as long as their accounts are configured correctly. However, we have one particular user who is unable to log in to just some of the Macs. He has no problem with most of them, but there is one group of them (all built from the same image) that he can't log in to. The machine in question is running OS X 10.6.2. The relevant entries from secure.log are below, with the hostname and username redacted. Aug 16 10:32:43 hostname SecurityAgent[4411]: Could not get the user record for username from DirectoryServices. Aug 16 10:32:43 hostname SecurityAgent[4411]: Will sleep 1 seconds and try again (retryCount = 4) Aug 16 10:32:44 hostname SecurityAgent[4411]: Could not get the user record for username from DirectoryServices. Aug 16 10:32:44 hostname SecurityAgent[4411]: Will sleep 2 seconds and try again (retryCount = 3) Aug 16 10:32:46 hostname SecurityAgent[4411]: Could not get the user record for username from DirectoryServices. Aug 16 10:32:46 hostname SecurityAgent[4411]: Will sleep 4 seconds and try again (retryCount = 2) Aug 16 10:33:10 hostname SecurityAgent[4411]: Could not get the user record for username from DirectoryServices. Aug 16 10:33:10 hostname SecurityAgent[4411]: Will sleep 8 seconds and try again (retryCount = 1) Aug 16 10:33:18 hostname SecurityAgent[4411]: User info context values set for username Aug 16 10:33:18 hostname SecurityAgent[4411]: unknown-user (username) login attempt PASSED for auditing Everything I've found online suggests that our use of Mobile Accounts is causing the issue. I turned that feature off, but I still can't log in as that user. id returns a record for his account, and nothing looks out of the ordinary. Has anyone here run into this before?

    Read the article

  • Active Directory Services: PrincipalContext -- What is the DN of a "container" object?

    - by Ranger Pretzel
    I'm currently trying to authenticate via Active Directory Services using the PrincipalContext class. I would like to have my application authenticate to the Domain using Sealed and SSL contexts. In order to do this, I have to use the following constructor of PrincipalContext (link to MSDN page): public PrincipalContext( ContextType contextType, string name, string container, ContextOptions options ) Specifically, I'm using the constructor as so: PrincipalContext domainContext = new PrincipalContext( ContextType.Domain, domain, container, ContextOptions.Sealing | ContextOptions.SecureSocketLayer); MSDN says about "container": The container on the store to use as the root of the context. All queries are performed under this root, and all inserts are performed into this container. For Domain and ApplicationDirectory context types, this parameter is the distinguished name (DN) of a container object. What is the DN of a container object? How do I find out what my container object is? Can I query the Active Directory (or LDAP) server for this?

    Read the article

  • LDAP Query for OU's

    - by Stephen Murby
    Sorry for being an uber pain people, its all very new :( Already had alot of help on this, but don't seem to be able to see the problem, I am trying to populate a combo box with a list of all the current OU's, later to send each machine within that OU a shutdown command. (Acquiring AD OU list & Active Directory list OU's) were my previous Q's. string defaultNamingContext; //TODO 0 - Acquire and display the available OU's DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE"); defaultNamingContext = rootDSE.Properties["defaultNamingContext"].Value.ToString(); DirectoryEntry entryToQuery = new DirectoryEntry ("LDAP://" + defaultNamingContext); MessageBox.Show(entryToQuery.Path.ToString()); DirectorySearcher ouSearch = new DirectorySearcher(entryToQuery.Path); ouSearch.Filter = "(objectCatergory=organizationalUnit)"; ouSearch.SearchScope = SearchScope.Subtree; ouSearch.PropertiesToLoad.Add("name"); SearchResultCollection allOUS = ouSearch.FindAll(); foreach (SearchResult oneResult in allOUS) { //comboBox1.Items.Add(oneResult.ToString()); comboBox1.Items.Add(oneResult.Properties["name"][0]); } I have been through and debugged everything i know, the searcher isn't picking up any results, hence why nothing is populated in the combo box.

    Read the article

1 2 3 4  | Next Page >