Active Directory

Print UserAccountControl AD property programmatically.

Even there are a few standard AD Editors, including AD MMC, ADSIEdit, and LDM, I needed to read the UserAccountControl AD property from my application. UserAccountControl is a bit flags attribute, so I had to create C# enum similar to C++ ADS_USER_FLAG_ENUM enum from MSDN. Below is the code of functions GetUserAccountControl(Direc... anEntry) and UserAccountControlToString(... nUserAccountControl) : public static int? GetUserAccountControl(Direc... anEntry) { //MNF 10/8/2005 if Properties["userAccountCont... ......

DirectorySearcher.FindAll() -should have PageSize=1000

When you are calling DirectorySearcher.FindAll() and there is a chance to have more than 1000 records back, you must set PageSize to non-zero value, preferably 1000. Otherwise only the first 1000 records will be returned and other entries will be missed without any warning. The names of DirectorySearcher members and documentation is quite messy. FindAll() method should return ALL records, not the first 1000. Setting PageSize doesn't mean that you get back only single page, but triggers returning ......

COMException (0x80004005): Unspecified error] in DirectorySearcher.FindAll() means LDAP string is invalid.

I've got an error COMException (0x80004005) when called DirectorySearcher.FindAll() and had no idea, why it happened. Thanks to DirectorySearcher.FindAll() causes Unspecified Error in C# but not in VB.NET discussion I was pointed, that the error is shown if DirectorySearcher.SearchRoot path is not valid, e.g. it is “DomainName” instead of “LDAP://DomainName... I beleive MS could provide more clear error description ......

System.DirectoryServices.PropertyCollection.Item -what returns if propertyName is invalid

I am retrieving some info from Active directory and I had a question what happens if invalid (non-existing) Property Name to System.DirectoryServices.Pr... will be passed E.g -what would happened if the code reads anEntry.Properties["userAcc... ,but DirectoryEntry doesn't have property "userAccountControl“ . It is not documented in MSDN so I had to investigate it myself. In .Net 1.1 I found that anEntry.Properties["userAcc... returns not null ......

Function to Print DirectoryEntry properties

When I debugging function that retrieved active directory properties, Visual Studio 2005 debugger show them as a collection , but not as an individual values. So I wrote function, copied from GetPropertyList function from LDAP, IIS and WinNT Directory Services article written by klaus_salchner [Conditional("DEBUG")] public static void PrintDirectoryEntryProperti... entry, string sComment) { // loop through all the properties and get the key for each foreach ......