Getting System.DirectoryServices Example to Work (VB.NET)

Topic

New Reply

I have used VB6 quite a bit but this is my first project using .NET.

I found an example that allows me to search through our Active Directory Server to find a user by what it calls Alias. Since I cannot find that field in the user property, I am assuming it means the User Logon Name. No matter, I am not getting that far anyway. In the example from the help file (which I’ll paste at the end), it doesn’t give you how to actually use the code. I created a command button on a form to run it and hardcoded my user name in AD in the code of the event. I used the following code in the click event of the command button:

SearchMachine.Main(“mshea”)

This will return an error: C:DatabaseNETLDAP.NETForm1.vb(63): Value of type ‘String’ cannot be converted to ‘1-dimensional array of String’.

The class is as follows:

Public Overloads Shared Function Main(ByVal args As String()) As Integer

args = Environment.GetCommandLineArgs()
If args.Length < 2 Then
PrintUsage(args(0))
Return 0
End If

Dim alias1 As String = args(1)

Dim root As New System.DirectoryServices.DirectoryEntry("LDAP://121.21.121.121/CN=Our Users,DC=AD,DC=CHOC,DC=ORG")

Dim searcher As New System.DirectoryServices.DirectorySearcher(root)
searcher.Filter = "(mailNickname=" + alias1 + ")"
searcher.PropertiesToLoad.Add("cn")
searcher.PropertiesToLoad.Add("title")
searcher.PropertiesToLoad.Add("department")
searcher.PropertiesToLoad.Add("physicalDeliveryOfficeName")
searcher.PropertiesToLoad.Add("telephoneNumber")

Dim results As SearchResultCollection
results = searcher.FindAll()

Dim result As SearchResult
For Each result In results
Console.WriteLine(result.Properties("cn")(0))
Console.WriteLine(result.Properties("title")(0))
Console.WriteLine(result.Properties("department")(0))
Console.WriteLine(result.Properties("physicalDeliveryOfficeName")(0))
Console.WriteLine(result.Properties("telephoneNumber")(0))

Next result

End Function
Public Shared Sub PrintUsage(ByVal appName As String)
Console.WriteLine("Usage: " + appName + "”)
End Sub
End Class

Reply | Quote

Replies

I suggest creating the app with VB 6 and letting the VB .NET Upgrade Wizard import the .vbp file.

Reply | Quote

I don’t have a full understanding of the methods used in this so I don’t know as of yet how to convert them to a VB6 syntax. Further, I don’t think some of the inherited/imported objects are supported by VB6. Very nice thought though

Reply | Quote

Not exactly the best annoted example ever, eh?!

The example is meant to be run from a command line, hence the function looking for arguments passed in, i.e. the args = Environment.GetGommandLineArgs() bit. Rather silly, I think. I changed it every so slightly and have attached the code in a text file. Here’s how to make it work:

Open VS.Net, and choose File -> New -> Project. Make it a VB Project and from the Templates pane, choose a Console Application; give it a name and a directory and click OK. Paste in the code from the attached text file — you like those nice blue squiggle lines?! We need to add a reference to the System.DirectoryServices namespace. BTW, you’ll note in the original sample from M$ that they didn’t fully qualify the SearchResultCollection or SearchResult classes.

Hard code in the alias on line 5 and the LDAP binding path on line 7. If you haven’t assembled a LDAP binding path before, or are unfamiliar with the structure of the Active Directory for your domain, consult your network admin or responsible tech staff. I commented out all of the properties the sample was trying to fetch and display except for Department. Why? ‘Cause if the value is not present for that user, you receive an error. Sure, I could’ve added error handling for that eventuality, but I was having a hard enough time making it work as is!

OK, almost home. Now build your solution and hit F5. Watch closely as a DOS window will jump up quickly, display the “Department” property for the user, and quickly close. Or, pull up a DOS window a la Start -> Run, type “CMD”, and call the executable that you’ve just built from that DOS window. Behold the wonder of .NET!

Reply | Quote

Shane, Thanks for your reply.

I’m not sure what Alias1 is doing and don’t know what string to put in there.

Also, I am having great difficulty with figuring out what our LDAP connection string is. I’ve found some reference of strings in other applications of ours but I don’t see how it authenticates to our AD server since there is no password supplied. Here is one example: “LDAP://CN=Service Account,CN=Users,DC=AD,DC=CHHH,DC=ORG”

I haven’t found the network person that knows enough about LDAP to help me with this so far, but am still trying.

Reply | Quote

There’s nothing fun about LDAP binding strings! Here is the little bit that I know: CN stands for container, OU for organizational unit, sprinkle liberally with DCs. The easiest way to construct your string is to go to a server/workstation that has the AD Users and Computers MMC snap-in installed, and begin expanding the structure.

I’ll use an example from my company. We have an OU named “Branches”. That OU contains several OUs, each named for a branch location. Within each nested branch OU is yet another OU named “Users”. That final Users OU contains, you guessed it, users. So, an example of the LDAP binding string I used in this exercise is: LDAP://OU=Users,OU=Billings,OU=Branches,DC=istate,DC=com. This will bind to the Users OU in the Billings OU in the Branches OU in our AD domain. It does so using my credentials as I’m the person logged into my PC and validated against the domain. You’ll note that I didn’t choose a particular server to address; LDAP employees some logic that I frankly don’t understand to choose an appropriate server with the AD info present.

Great, I’ve managed to bind to the Users OU…now what? This is where the Alias1 variable comes in. The function uses the value of Alias1 as a filter to select a single user in the OU to which I’ve bound, i.e. the searcher.Filter = “(mailNickname=” + alias1 + “)” line in the code. You can find the mailNickName of a user by double-clicking their user account in the AD snap-in and looking at the “Exchange General” tab; or it’s probably the user portion of the email address everybody uses to send that person email.

I hope this helps a bit. I’ve found LDAP/ADSI/Active Directory manipulation to be an exercise in frustration, but also valuable functionality to have. I’m still on the steep side of the learning curve, though. Best of luck!

Reply | Quote