Skip to main content

Programming AD with C#.NET – part 3

So far we have managed to exclude System.DirectoryServices because of our original issues, and System.DirectoryServices.AccountManagement because of performance issues. What is left for us now is System.DirectoryServices.Protocols, and that is the namespace of our choice.

Generally the System.DirectoryServices.Protocols is pretty similar to System.DirectoryServices, so it is not a big deal to rebuild our existing classes to a newer version. But there are always some small obsacles that need to be conquered. A very good guide to get started with these classes is written by Ethan Wilansky and published on MSDN, Introduction to System.DirectoryServices.Protocols.

An small issue is that you always have to know if an attribute exists before you try to remove it. The same thing applies when an attribute is saved, you must know if it is a new attribute to be created or an existing attribute that should be updated. If an incorrect action is taken a DirectoryOperationException will be thrown. A simple solution for this problem is to add a PermissiveModifyControl to the request. This will make sure that add, edit and remove events is handled nicely without throwing any exceptions.

Paging a search result is another thing that could be a little tricky. With System.DirectoryServices you only had to set the PageSize on a DirectorySearcher and the paging was automatically handled. With System.DirectoryServices.Protocols we have got to deal with the paging ourselves. There are a lot more information about this in the article mention above, Introduction to System.DirectoryServices.Protocols.

One third little quirk I had was when creating user accounts.We need to be able to set the password, and with System.DirectoryServices.Protocols it is possible to modify the value unicodePwd. However there are a couple of things to keep in mind.:
  • A 128 bit encrypted channel must be used.
  • The password must be a byte array containing the password surrounded by quotation marks.
Here is a simple code sample that meets both of these demands:

LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier("server");
NetworkCredential credential = new NetworkCredential("user", "password", "domain");
using(LdapConnection connection = new LdapConnection(identifier, credential))
{
    connection.SessionOptions.Signed = true;
    connection.SessionOptions.Sealed = true;
    DirectoryAttribute[] attributes = new DirectoryAttribute[] {
        new DirectoryAttribute("objectClass", "user"),
        new DirectoryAttribute("userPrincipalName", "newAdAccount@domain.com"),
        new DirectoryAttribute("samAccountName", "newAdAccount"),
        new DirectoryAttribute("unicodePwd", Encoding.Unicode.GetBytes("\"passw0rd\""))
    };
    AddRequest request = new AddRequest("CN=newAdAccount,OU=Test,DN=domain,DN=com", attributes);
    connection.SendRequest(request);
}

Comments

Popular posts from this blog

The Cornball goes to Brunch with Chaplin

Lately I've been working pretty hard on different projects but not really stumbling upon anything blogworthy. The most recent project is quite interesting though, a single page, touch friendly, web application using the latest and greatest technologies. We've ended up with using Brunch with Chaplin , which is a very neat way of setting up a Backbone based single page web project with Brunch and Chaplin . Aside from this, I have my own little project that has lived on for almost 15 years already, The Cornball . From being a plain Windows application written i C an Win32 API, it has been ported to .NET using WPF, and is currently a Silverlight application hosted on Windows Azure. I could not find a better time to reanimate this project and create a new web based version, touch friendly, super optimized, awesome in any way. So I did... So please follow my journey at Github . It's going to take a while, I assure you, but I already have some ground work done. Meanwhile,...

Bindable RichTextBox with HTML conversion in WPF

In WPF , the RichTextBox  control is not really like other controls. Due to its flexible nature, there is no built in way of binding a property to the content. In this case, I wanted a simple  RichTextBox  control with a binding to an HTML formatted string to be able to use the built-in formatting features of the  RichTextBox  and allow users to create simple HTML formatted content. First, doing the conversion on-the-fly proved to have major performance issues, so I ended up binding the content to a XAML string. The XAML to HTML conversion can be performed at any time. I created a UserControl with a bindable Text-property. The view contains a  RichTextBox  control. <RichTextBox x:Name="richTextBox" TextChanged="OnRichTextBoxChanged"> The source code for the user control contains the Text property and the methods to handle the binding. public static readonly DependencyProperty TextProperty = DependencyProperty.Register( "Te...

Using ASP.NET MVC with MEF

I wrote this post almost a year ago, but never published it for some reason. Anyway, here is a little MVC/MEF magic. By default a controller in MVC must have a parameterless constructor. When using MEF a good practice is to inject the services via constructor parameters. These two in combination obviously creates an issue where the following scenario will not work out of the box, since there is no parameterless constructor for  MVC  to use. Note that the PartCreationPolicy is set to NonShared since a new controller have to be initialized for each request. [Export] [PartCreationPolicy(CreationPolicy.NonShared)] public class HomeController : Controller {     private readonly IServiceClient _service;     [ImportingConstructor]     public HomeController(IServiceClient service)     {         _service = service;     }     public ActionResult Index()     {         ...