My goal, somehow, is to populate a dropdownlist with all the user names
in active directory. I don't even know where to begin, really.
OK, the very FIRST question I would ask myself is : REALLY ?? Do you
really need this, and second, if yes - how many users will you be
displaying?? If you have a dozen or two - okay, no problem.
If you have more than 50 or so - forget it - won't work. Having huge
long lists of user name is just totally against all usability.
I added a reference to System.DirectoryServices so I could use the
System.DirectoryServices.ActiveDirectory namespace. I don't even know if
this is the right way to go as I can't seem to find anything in that
namespace that would help me query active directory for names.
Sure, you're on the right track. Next thing you need to do is this:
since you have a domain with any number of potential organizational
units (OU's) inside it structuring your organization, you will need to
do a domain-wide search for users (if you really want that).
Again: an alternative might be to do a two-stage search. First present
the user with a list of all OU's in your domain (usually a couple or a
few dozen), e.g. "Finance", "R&D" and so forth. Once the user has
picked the OU he wants to see, then search the users inside that
(usually a MUCH smaller number than ALL the domain users) and shows
just those in a second dropdown.
I can't use an LDAP query because lDAP isn't working on our network for
some reason (never has. i posted a note asking help for this on the
win2000.general newsgroup but no one replied).
Well, if you can't use LDAP, you're totally out of luck. Active
Directory and all the System.DirectoryServices stuff is based on LDAP.
No LDAP, no go........
So, once you've decided what to do and LDAP is working, here's how you
can do a domain-wide search - if you really want to do it in the end.
First you need to know what your domain is - either ask your domain
admin, or you can peek it like so (sorry, I'm fluent in C# only, so
you'll have to do the translations to VB.NET yourself or use one of
the C#-to-VB.NET translators out there on the 'net):
// bind to the LDAP root
DirectoryEntry root = new DirectoryEntry("LDAP://RootDSE");
// grab the defaultNamingContext
string myDomain = root.Properties["defaultNamingContext"].Value;
Next, once you have your domain name, you need to set up a domain
searcher on the domain level, and search for all users inside it:
DirectoryEntry domain = new DirectoryEntry("LDAP://" + myDomain);
DirectorySearcher dsUsers = new DirectorySearcher(domain);
// set up the searcher properties - search users, and return
// just their distinguishedName, givenName (first name), and
// sn (surname = family name)
dsUsers.Filter = "(&(objectCategory=person)(objectClass=user))";
dsUsers.PropertiesToLoad.Add("distinguishedName");
dsUsers.PropertiesToLoad.Add("givenName");
dsUsers.PropertiesToLoad.Add("sn");
Now let the searcher do its magic and find all users - you will get a
"SearchResult" object back, in which you can access all the properties
you've specified in the "PropertiesToLoad" collection:
List<string> allDomainUsers = new List<string>();
foreach(SearchResult result in dsUsers.FindAll() )
{
// grab the properties and store them somewhere, e.g. in a
// List<string> or something like that, which can then be
// bound to a combobox
string firstName = result.Properties["givenName"][0].ToString();
string lastName = result.Properties["sn"][0].ToString();
allDomainUsers.Add(firstName + " " + lastName);
}
Hope this helps you get started a bit.
If you have more questions, you can go to the MSDN
System.DirectoryServices portal here:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sds/sds/portal.asp
There are LOTS of really good examples there, in both C# and VB.NET.
Or buy the excellent book by my fellow MVP's Joe Kaplan and Ryan Dunn
- really excellent stuff about Active Directory programming!
The .NET Developer's Guide to Directory Services Programming
(Microsoft Net Development Series)
http://www.amazon.com/gp/product/0321350170/
Or post here again, of course - better yet - post in the
microsoft.public.adsi.general group, that's the hard-core Active
Directory programming group.
Marc