0
votes

I'm working in C# on .NET 4.5. I'm using the code below to check whether a particular user belongs to a given AD group. However, it is not returning results, even though I enter valid user details.

```csharp
DirectoryEntry de = new DirectoryEntry();
de.Path = "LDAP://xyz.com";
DirectorySearcher deSearch = new DirectorySearcher();
deSearch.SearchRoot = de;
string usr = "test1";
deSearch.Filter = string.Format("(&(objectCategory=person)(anr={0}))", usr);
SearchResult result = deSearch.FindOne();
```

I have also tried the filter criteria below, but the result is null. Please let me know what is wrong in my code.

  1. deSearch.Filter = "(&(objectCategory=person)(objectClass=user)(sn=" + usr + "))";
  2. deSearch.Filter = "(uid=" + usr + ")";
  3. deSearch.Filter = "(&(objectCategory=person)(objectClass=user)(racfid=" + usr + "))";

1 Answer

0
votes

Try userPrincipalName like this:

```csharp
deSearch.Filter = "(&(objectCategory=person)(objectClass=user)(userPrincipalName=" + usr + "@*))";
deSearch.PropertiesToLoad.Add("userPrincipalName");
deSearch.PropertiesToLoad.Add("displayName");

SearchResult result = deSearch.FindOne();
```
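
The filters in this thread are built by concatenating `usr` straight into the filter string, so a name containing `*`, `(`, `)` or `\` changes what the filter matches. The following is an added example, not code from the question or the answer: it escapes the value per RFC 4515 before building the answer's `userPrincipalName` filter. `EscapeLdapFilterValue`, `BuildUpnFilter` and `FindUser` are hypothetical names, the inputs in `Main` are constructed, and the project is assumed to reference System.DirectoryServices as the question's code does.

```csharp
using System;
using System.DirectoryServices;
using System.Text;
static class LdapFilterExample
{
    // Hypothetical helper: escape a value per RFC 4515 before placing it in a filter.
    static string EscapeLdapFilterValue(string value)
    {
        var sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }
    // Same filter shape as the answer; only the user-supplied part is escaped,
    // so the trailing "@*" wildcard keeps its meaning.
    static string BuildUpnFilter(string usr)
    {
        return string.Format(
            "(&(objectCategory=person)(objectClass=user)(userPrincipalName={0}@*))",
            EscapeLdapFilterValue(usr));
    }
    // Runs the search against a caller-supplied root (needs a reachable domain).
    static SearchResult FindUser(DirectoryEntry root, string usr)
    {
        using (var search = new DirectorySearcher(root))
        {
            search.Filter = BuildUpnFilter(usr);
            search.PropertiesToLoad.Add("userPrincipalName");
            search.PropertiesToLoad.Add("displayName");
            return search.FindOne();
        }
    }
    static void Main()
    {
        // Constructed inputs: a plain name and one containing filter metacharacters.
        foreach (string usr in new[] { "test1", "te*st(1)" })
            Console.WriteLine(BuildUpnFilter(usr));
    }
}
```

`Main` only prints the generated filters, so it runs without a domain controller; `FindUser` is the part that performs the actual lookup.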