域登录获取用户名字的控制

I'm writing a web application which uses windows authentication and I can happily get the user's login name using something like:

 string login = User.Identity.Name.ToString();  

But I don't need their login name I want their DisplayName. I've been banging my head for a couple hours now...

Can I access my organisation's AD via a web application?

c# active-directory web-development howto

flag

edited Mar 10 '09 at 3:13

Geoffrey Chetwood
7,596●4●19●38

asked Oct 29 '08 at 11:56

DrG
2,508●9●28

86% accept rate

5 Answers

oldest newest votes

6

How about this:

private static string GetFullName()      {          try          {              DirectoryEntry de = new DirectoryEntry("WinNT://" + Environment.UserDomainName + "/" + Environment.UserName);              return de.Properties["fullName"].Value.ToString();          }          catch { return null; }      }  

link|flag

answered Oct 29 '08 at 13:01

Ben

This is the best way to do it for single user propreties. – thismat Oct 29 '08 at 13:08

Yeah, I'm liking the simplicity of this ALOT, especially since it works. I owe you a drink! – DrG Oct 29 '08 at 15:30

This did work, but the WINNT:// properties are a lot less comprehesive than the LDAP:// properties (see rlmueller.net/Name_Attributes.htm) so while this did work, I was unable to get say user's email addresses using the WINNT:// binding – DrG Nov 11 '08 at 19:44

6

See related question: Active Directory: Retrieve User information

See also: Howto: (Almost) Everything In Active Directory via C# and more specifically section "Enumerate an object's properties".

If you have a path to connect to a group in a domain, the following snippet may be helpful:

GetUserProperty("<myaccount>", "DisplayName");    public static string GetUserProperty(string accountName, string propertyName)  {          DirectoryEntry entry = new DirectoryEntry();          // "LDAP://CN=<group name>, CN =<Users>, DC=<domain component>, DC=<domain component>,..."          entry.Path = "LDAP://...";          entry.AuthenticationType = AuthenticationTypes.Secure;            DirectorySearcher search = new DirectorySearcher(entry);          search.Filter = "(SAMAccountName=" + accountName + ")";          search.PropertiesToLoad.Add(propertyName);            SearchResultCollection results = search.FindAll();          if (results != null && results.Count > 0)          {                  return results[0].Properties[propertyName][0].ToString();          }          else          {                  return "Unknown User";          }  }  

link|flag

answered Oct 29 '08 at 12:47

Panos
4,979●5●22

2

There is a CodePlex project for Linq to AD, if you're interested.

It's also covered in the book LINQ Unleashed for C# by Paul Kimmel - he uses the above project as his starting point.

not affiliated with either source - I just read the book recently

link|flag

answered Oct 29 '08 at 13:17

GalacticCowboy
3,960●6●22

2

In case anyone cares I managed to crack this one:

      /// This is some imaginary code to show you how to use it          Session["USER"] = User.Identity.Name.ToString();        Session["LOGIN"] = RemoveDomainPrefix(User.Identity.Name.ToString()); // not a real function :D        string ldappath = "LDAP://your_ldap_path";        // "LDAP://CN=<group name>, CN =<Users>, DC=<domain component>, DC=<domain component>,..."            Session["cn"] = GetAttribute(ldappath, (string)Session["LOGIN"], "cn");        Session["displayName"] = GetAttribute(ldappath, (string)Session["LOGIN"], "displayName");        Session["mail"] = GetAttribute(ldappath, (string)Session["LOGIN"], "mail");        Session["givenName"] = GetAttribute(ldappath, (string)Session["LOGIN"], "givenName");        Session["sn"] = GetAttribute(ldappath, (string)Session["LOGIN"], "sn");      /// working code    public static string GetAttribute(string ldappath, string sAMAccountName, string attribute)      {          string OUT = string.Empty;            try          {              DirectoryEntry de = new DirectoryEntry(ldappath);              DirectorySearcher ds = new DirectorySearcher(de);              ds.Filter = "(&(objectClass=user)(objectCategory=person)(sAMAccountName=" + sAMAccountName + "))";                SearchResultCollection results = ds.FindAll();                foreach (SearchResult result in results)              {                  OUT =  GetProperty(result, attribute);              }          }          catch (Exception t)          {              // System.Diagnostics.Debug.WriteLine(t.Message);          }            return (OUT != null) ? OUT : string.Empty;      }    public static string GetProperty(SearchResult searchResult, string PropertyName)      {          if (searchResult.Properties.Contains(PropertyName))          {              return searchResult.Properties[PropertyName][0].ToString();          }          else          {              return string.Empty;          }      }