Active Directory Search fails ("The directory service is unavailab

E

ejcosta

Hi all,

I'm having one of those nerve wrecking errors, when trying to perform a
simple search in an Active Directory. The objective of the code is to, given
a user name, search the AD for couple of specified properties, including the
groups the user belongs to.

The odd thing is that, if I set filter simply as "(objectCategory=user)", it
works. If I add any other search criteria, it throws an exception with the
message "the directory service is unavailable.".

Can any of you help? Here's the code that I'm using to perform the search:

public static void GetADUserGroups(string LoggedInUser){
DirectorySearcher search = new DirectorySearcher("LDAP://" +
Common.getValue("SPDomain"));
search.Filter = @"(objectCategory=user)(samaccountname=" + LoggedInUser +
")";

search.PropertiesToLoad.Add("memberof");
search.PropertiesToLoad.Add("department");
search.PropertiesToLoad.Add("cn");
search.PropertiesToLoad.Add("sn");
search.PropertiesToLoad.Add("name");
search.PropertiesToLoad.Add("samaccountname");

System.Text.StringBuilder groupNames = new System.Text.StringBuilder();

// Search time out
TimeSpan waitTime;
try{
waitTime = new TimeSpan(0, 0, 60); //hh--mm-ss
search.ClientTimeout = waitTime; //wait this much time to display results
}
catch (Exception Ex){
throw new SystemException("Error = " + Ex.Message + Ex.InnerException, Ex);
}

try{
SearchResult result = search.FindOne();
if(result != null){
int propertyCount = result.Properties["memberOf"].Count;
String dn;
int equalsIndex, commaIndex;

for(int propertyCounter = 0; propertyCounter < propertyCount;
propertyCounter++){
dn = (String)result.Properties["memberOf"][propertyCounter];
equalsIndex = dn.IndexOf("=", 1);
commaIndex = dn.IndexOf(",", 1);
if(-1 == equalsIndex){
return;
}
groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex
- equalsIndex) - 1));
groupNames.Append("|");
}
}
}
catch(Exception ex){
throw new Exception("Error obtaining group names. " + ex.Message);
}
}

Thanks in advance for all the help you guys can provide!
ejcosta
 
J

Joe Kaplan \(MVP - ADSI\)

Your search filter should look like this for a compound query:
(&(objectCategory=user)(samaccountname=username))

Normally, I'd expect an invalid filter syntax error though.

You might also need to include credentials in your DirectoryEntry
constructor if your security context isn't a domain account or can't hop to
the domain controller due to impersonation/delegation issues. This is
common in ASP.NET.

Joe K.
 
E

Eurico Costa

Joe,

Thank you so much for your help. Your answer worked perfectly.

Regards,
Eurico

Joe Kaplan (MVP - ADSI) said:
Your search filter should look like this for a compound query:
(&(objectCategory=user)(samaccountname=username))

Normally, I'd expect an invalid filter syntax error though.

You might also need to include credentials in your DirectoryEntry
constructor if your security context isn't a domain account or can't hop to
the domain controller due to impersonation/delegation issues. This is
common in ASP.NET.

Joe K.

ejcosta said:
Hi all,

I'm having one of those nerve wrecking errors, when trying to perform a
simple search in an Active Directory. The objective of the code is to,
given
a user name, search the AD for couple of specified properties, including
the
groups the user belongs to.

The odd thing is that, if I set filter simply as "(objectCategory=user)",
it
works. If I add any other search criteria, it throws an exception with the
message "the directory service is unavailable.".

Can any of you help? Here's the code that I'm using to perform the search:

public static void GetADUserGroups(string LoggedInUser){
DirectorySearcher search = new DirectorySearcher("LDAP://" +
Common.getValue("SPDomain"));
search.Filter = @"(objectCategory=user)(samaccountname=" + LoggedInUser +
")";

search.PropertiesToLoad.Add("memberof");
search.PropertiesToLoad.Add("department");
search.PropertiesToLoad.Add("cn");
search.PropertiesToLoad.Add("sn");
search.PropertiesToLoad.Add("name");
search.PropertiesToLoad.Add("samaccountname");

System.Text.StringBuilder groupNames = new System.Text.StringBuilder();

// Search time out
TimeSpan waitTime;
try{
waitTime = new TimeSpan(0, 0, 60); //hh--mm-ss
search.ClientTimeout = waitTime; //wait this much time to display results
}
catch (Exception Ex){
throw new SystemException("Error = " + Ex.Message + Ex.InnerException,
Ex);
}

try{
SearchResult result = search.FindOne();
if(result != null){
int propertyCount = result.Properties["memberOf"].Count;
String dn;
int equalsIndex, commaIndex;

for(int propertyCounter = 0; propertyCounter < propertyCount;
propertyCounter++){
dn = (String)result.Properties["memberOf"][propertyCounter];
equalsIndex = dn.IndexOf("=", 1);
commaIndex = dn.IndexOf(",", 1);
if(-1 == equalsIndex){
return;
}
groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex
- equalsIndex) - 1));
groupNames.Append("|");
}
}
}
catch(Exception ex){
throw new Exception("Error obtaining group names. " + ex.Message);
}
}

Thanks in advance for all the help you guys can provide!
ejcosta
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,731
Messages
2,569,432
Members
44,832
Latest member
GlennSmall

Latest Threads

Top