开发者

Getting started with ActiveDirectory in C#

开发者 https://www.devze.com 2022-12-19 03:17 出处:网络
I\'m working on a .NET application written in C# and WPF. In thi开发者_运维问答s application we will authenticate the users towards an Active Directory server. In the end we might want to support othe

I'm working on a .NET application written in C# and WPF. In thi开发者_运维问答s application we will authenticate the users towards an Active Directory server. In the end we might want to support other LDAP implementations too, so if I can build this without being ActiveDirectory-specific that would be an advantage.

What's the best approach to get started with this? Are there any good resources I should check out? I've heard there is a library in .NET for handling the communication with Active Directory - or is there a general LDAP library? Any advice is appreciated!

Note: I'm using .NET 3.5.


.NET 3.5 made this tremendously easier than it used to be by adding the System.DirectoryServices.AccountManagement namespace. Unless you're not on .NET 3.5, I'd go directly into this namespace. As usual, The Code Project has something up showing a lot of example uses.

Simplicity example, authenticating a user:

var pc = new PrincipalContext(ContextType.Domain, "MyDomain", "DC=MyDomain,DC=com");
return pc.ValidateCredentials(username, pass);


I would avoid using the System.DirectoryServices.AccountManagement if possible. It certainly appears to make things easier, but I've had numerous problems with it (such as it ignoring a specified port on occasion) and it is really just a light wrapper around System.DirectoryServices. Although you may have luck with other LDAP directories with it, it was certainly not designed for it.

I would recommend the System.DirectoryServices.Protocols assembly. It is a little harder to get started with and will also require a bit more effort, but you will find it to be much more flexible with better performance and it is far more standards-compliant. I've had great success using it against a number of different directories, including AD.

MSDN has a fantastic introduction article, that will cover most scenarios you're likely to require.


IF you're on .NET 3.5, definitely check out the System.DirectoryServices.AccountManagement namespace - it made things a whole lot easier than before!

Also check out this MSDN article Managing Directory Security Principals in the .NET Framework 3.5 on the topic - highly recommended!

If you need to stay "generic" and support other LDAP directories, you might also want to have a look at Introduction to System.DirectoryServices.Protocol which is the Microsoft .NET assembly and namespace which deals with lower-level LDAP calls and should work against any LDAP compliant directory (Sun, Novell etc.)


You'll need to go with System.DirectoryServices assembly. Here is some samples: Querying Active Directory using .NET classes and LDAP queries


You can refer my OSS project which base on ActiveRecord pattern as following(Because it is open source you can find out how to operate the AD with DirectoryEntry, DirectoryEntry is not only support the LDAP protocol but also IIS, WIN and so on, so I develop this lib):

using (var userObject = UserObject.FindOneByCN(this.ADOperator, “pangxiaoliang”))
{
     if(userObject.Email == "example@landpy.com")
     {
          userObject.Email = "mv@live.cn";
          userObject.Save();
     }
}

https://landpyactivedirectory.codeplex.com/documentation

And you will find it easy to operate the AD with it, if you have no interest with it please ignore my answer. Any question about AD please contact me :)

0

精彩评论

暂无评论...
验证码 换一张
取 消