Skip to main content

Programming AD with C#.NET – part 3

So far we have managed to exclude System.DirectoryServices because of our original issues, and System.DirectoryServices.AccountManagement because of performance issues. What is left for us now is System.DirectoryServices.Protocols, and that is the namespace of our choice.

Generally the System.DirectoryServices.Protocols is pretty similar to System.DirectoryServices, so it is not a big deal to rebuild our existing classes to a newer version. But there are always some small obsacles that need to be conquered. A very good guide to get started with these classes is written by Ethan Wilansky and published on MSDN, Introduction to System.DirectoryServices.Protocols.

An small issue is that you always have to know if an attribute exists before you try to remove it. The same thing applies when an attribute is saved, you must know if it is a new attribute to be created or an existing attribute that should be updated. If an incorrect action is taken a DirectoryOperationException will be thrown. A simple solution for this problem is to add a PermissiveModifyControl to the request. This will make sure that add, edit and remove events is handled nicely without throwing any exceptions.

Paging a search result is another thing that could be a little tricky. With System.DirectoryServices you only had to set the PageSize on a DirectorySearcher and the paging was automatically handled. With System.DirectoryServices.Protocols we have got to deal with the paging ourselves. There are a lot more information about this in the article mention above, Introduction to System.DirectoryServices.Protocols.

One third little quirk I had was when creating user accounts.We need to be able to set the password, and with System.DirectoryServices.Protocols it is possible to modify the value unicodePwd. However there are a couple of things to keep in mind.:
  • A 128 bit encrypted channel must be used.
  • The password must be a byte array containing the password surrounded by quotation marks.
Here is a simple code sample that meets both of these demands:

LdapDirectoryIdentifier identifier = new LdapDirectoryIdentifier("server");
NetworkCredential credential = new NetworkCredential("user", "password", "domain");
using(LdapConnection connection = new LdapConnection(identifier, credential))
{
    connection.SessionOptions.Signed = true;
    connection.SessionOptions.Sealed = true;
    DirectoryAttribute[] attributes = new DirectoryAttribute[] {
        new DirectoryAttribute("objectClass", "user"),
        new DirectoryAttribute("userPrincipalName", "newAdAccount@domain.com"),
        new DirectoryAttribute("samAccountName", "newAdAccount"),
        new DirectoryAttribute("unicodePwd", Encoding.Unicode.GetBytes("\"passw0rd\""))
    };
    AddRequest request = new AddRequest("CN=newAdAccount,OU=Test,DN=domain,DN=com", attributes);
    connection.SendRequest(request);
}
Labels:

Comments

Post a Comment

Popular posts from this blog

Binding a HTML-formatted string to a WPF WebBrowser control

Sometimes there is a need to display a HTML formatted string in a WPF application. There are a couple of ways to do this, but the most stright forward is to use a WebBrowser control and the NavigateToString method. This approach has one big flaw, you cannot use binding to a string out of the box, but I found a great solution through Stack Overflow which adds a bindable property to the  WebBrowser  control using  NavigateToString . The following class is all that is needed to add that behavior. A new depencency property named Html is introduced to the  WebBrowser  and the proper change action is performed in the OnHtmlChanged method. public class BrowserBehavior { public static readonly DependencyProperty HtmlProperty = DependencyProperty.RegisterAttached( "Html", typeof(string), typeof(BrowserBehavior), new FrameworkPropertyMetadata(OnHtmlChanged)); [AttachedPropertyBrowsableForType(typeof(WebBrowser))] public static string GetHtml(WebBrowser bro
1 comment
Read more

Binding Enum with DescriptionAttribute in WPF

Binding an enumeration to a ComboBox can be done in several ways. In most cases you don't want to display the value itself, but a more user friendly description. One common approach is to use the DescriptionAttribute on the Enum values to supply a description for each value.  This is all possible in a very MVVM friendly way. First step is to add the  DescriptionAttribute  to the values of the enumeration. public enum MyValues { [Description("First value")] First, [Description("Second value")] Second } To retrieve the description from the enum we use a simple extension method. This method returns the value of the DescriptionAttribute if it exists, otherwise the string representation of the enum value is returned. public static string GetDescription(this Enum value) { var fieldInfo = value.GetType().GetField(value.ToString()); var attribute = fieldInfo.GetCustomAttributes(typeof(DescriptionAttribute), false).FirstOrDefault() as
2 comments
Read more

Google+ finally for everyone!

There have been a lot of whining on Google from their Apps-users since the launch of  Google+  for everyone with a regular Google-account. The Apps-users have not been able to use  Google+ , until now! (actually  october 27 ) As usual I am impressed with most of the things Google accomplishes, but now when all of their services have gotten a visual and functional touchup I am getting really impressed. As someone at an early stage pointed out it is really sweet of Google to play naive and let me fill in my profile information when I create my profile (as if Google did not already know), but after a few clicks I am on the go. My albums from Picasa is automatically integrated and even the pictures I have uploaded to this blog is shown in  Google+ . But what happens next? Practically no one of my friends are on  Google+  so what do I use it for? I guess we will see. Hopefully there will be even more integration between the social networks in the future. I am anyhow very satified with
1 comment
Read more