Retrieving object details from Active Directory

October 7, 2008
By admin

Obtaining any type of info from your Directory Services requires scripting, if you’re using the native tools. There’s an easier and faster way- you can use third party Active Directory solutions like the Active Directory Manager, or Active Directory Reporter.
So let’s compare the two approaches; let’s try to get something simple… say “User” details:

1- Scripting. Ok, we’re not big fans of scripting around here. Still, let’s follow this through, painful as it is:

public void GetUserDetails()
{
try
{
drpUsersList.Items.Clear();
ListItem li =new ListItem(“– Users List –”,”");
drpUsersList.Items.Add(li);
string _path =”LDAP://Your Domain Name”;
_filterAttribute =txtSearchEmployee.Text;
DirectorySearcher dSearch = new DirectorySearcher(_path);
dSearch.Filter = “(&(objectClass=user)(givenName=” + _filterAttribute + “*))”;
foreach(SearchResult sResultSet in dSearch.FindAll())
{
LoginName=GetProperty(sResultSet,”cn”); // Login Name
FirstName=GetProperty(sResultSet,”givenName”); // First Name
MiddleInitials=GetProperty(sResultSet,”initials”);// Middle Name
LastName=GetProperty(sResultSet,”sn”); // Last Name
Company=GetProperty(sResultSet,”company”); // Company
State=GetProperty(sResultSet,”st”); //State
City=GetProperty(sResultSet,”l”); //City
Country=GetProperty(sResultSet,”co”); //Country
Postalcode=GetProperty(sResultSet,”postalCode”); //Postalcode
TelephoneNumber=GetProperty(sResultSet,”telephoneNumber”);
Email=GetProperty(sResultSet,”mail”); //Email
uniqueName = GetProperty(sResultSet,”mailnickname”);
ListItem newitem = new ListItem(uniqueName,uniqueName);
drpUsersList.Items.Add(newitem);
}
}
catch(Exception ex)
{
Response.Write(ex.Message.ToString());
}
}

public static string GetProperty(SearchResult searchResult, string PropertyName)
{
if(searchResult.Properties.Contains(PropertyName))
{
return searchResult.Properties[PropertyName][0].ToString() ;
}
else
{
return string.Empty;
}
}

2- Active Directory Manager/Active Directory Reporter. First off- NO SCRIPTING. Once you log in through the web interface (that’s your bowser), it’s pretty easy to obtain any details about User objects. It’s a 3 step process taking virtually seconds- click on the “Reports Tab/User reports”, click “General Reports” and “All Users”. In the next screen, search for the user you’re looking for, and the Active Directory Manger will display all the User details.

The script in the first example is quite simple. By all accounts, if you want to do anything more involved in AD the script is only going to get more complicated. And we all know the longer the script is, the more chances you have of something going wrong.
In today’s world, you have to simplify your IT- why add more complexity to your environment?

Tags: , , , , , , , , , , , ,

Leave a Reply