Wednesday, December 22, 2010

Enumerating Active Directory object properties using C#

I had to look up a property in Active Directory for my login. Since I didn’t even know the names of the properties, I had to enumerate them. Here is the code.

1. Create a C# application and add a configuration file, “app.config”.

2. Update it as follows:

    <appSettings>
        <add key="ADDomain" value="mydomain"/>
        <add key="username" value="username"/>
    </appSettings>

Replace the values with your own domain and username.

3. Add the following code to the Main method (usually in the program.cs file):

    // Needs: using System; using System.Configuration; using System.DirectoryServices;
    try
    {
        using (DirectoryEntry de = new DirectoryEntry(@"LDAP://" + ConfigurationSettings.AppSettings["ADDomain"]))
        using (DirectorySearcher adSearch = new DirectorySearcher(de))
        {
            adSearch.Filter = "(sAMAccountName=" + ConfigurationSettings.AppSettings["username"] + ")";
            SearchResult sr = adSearch.FindOne();
            if (sr == null) { Console.WriteLine("User not found."); return; }
            foreach (string prop in sr.Properties.PropertyNames)
                Console.WriteLine(prop + " = " + sr.Properties[prop][0].ToString());
        }
    }
    catch (Exception ex) { Console.WriteLine(ex.Message); }

NOTE: If your computer is joined to the domain you are searching, you can get the “current” domain as follows:

    DirectoryEntry deDomain = new DirectoryEntry();
    string domain = deDomain.Name.Replace("DC=", "");

So you won’t need to have the ADDomain config entry.

PERFORMANCE NOTE: When you know the property name you need, specify it as follows before calling the “find” method:


This will only load the given property instead of loading the whole object.
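
An added example (not the original author's code) that combines the search from step 3 with the property restriction from the performance note: it limits the result with `DirectorySearcher.PropertiesToLoad`, escapes the username per RFC 4515 before placing it in the filter, and prints every value of multi-valued attributes. The attribute names `displayName`, `memberOf` and `objectSid` are chosen for illustration; the config keys are the ones from step 2.

```csharp
using System;
using System.Configuration;
using System.DirectoryServices;
using System.Text;

static class AdPropertyDump
{
    // Escape a value for use inside an LDAP search filter (RFC 4515),
    // so that * ( ) \ and NUL are matched literally instead of being
    // interpreted as filter syntax.
    static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    static void Main()
    {
        string domain = ConfigurationManager.AppSettings["ADDomain"];
        string user = ConfigurationManager.AppSettings["username"];
        using (var de = new DirectoryEntry("LDAP://" + domain))
        using (var search = new DirectorySearcher(de))
        {
            search.Filter = "(sAMAccountName=" + EscapeFilterValue(user) + ")";
            // Illustrative attribute list: only these are returned by the server.
            search.PropertiesToLoad.AddRange(new[] { "displayName", "memberOf", "objectSid" });
            SearchResult sr = search.FindOne();
            if (sr == null) { Console.WriteLine("No match for " + user); return; }
            foreach (string prop in sr.Properties.PropertyNames)
                foreach (object v in sr.Properties[prop])   // attributes can hold several values
                    Console.WriteLine(prop + " = " +
                        (v is byte[] b ? BitConverter.ToString(b) : v.ToString()));
        }
    }
}
```

The project needs references to the System.DirectoryServices and System.Configuration assemblies. Binary attributes such as `objectSid` come back as `byte[]` and are printed here as hex.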
