How do I validate Active Directory creds over LDAP + SSL?

I was able to validate credentials using the System.DirectoryServices.Protocols namespace, thanks to a co-worker. Here’s the code:

    // See http://support.microsoft.com/kb/218185 for full list of LDAP error codes
    const int ldapErrorInvalidCredentials = 0x31;
    const string server = "sd.example.com:636";
    const string domain = "sd.example.com";
    try
    {
        using (var ldapConnection = new LdapConnection(server))
        {
            var networkCredential = new …

Connecting to LDAP from C# using DirectoryServices

Well, I think your connection string is missing a bit – specifying just the server name isn’t good enough – you also need to specify a “starting point” for your search. In AD, this would typically be something like the “Users” container in your domain, which you’d specify like this in LDAP parlance:

    LDAP://novellBox.sample.com/cn=Users,dc=YourCompany,dc=com

Not …

System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred

I had exactly the same error and fixed it by changing the site’s application pool to run under the Network Service. In IIS:

1. Select your site’s application pool
2. Select Advanced Settings on the right-hand side
3. On the Advanced Settings pop-up window, scroll down to the Process Model group
4. Change the first option called Identity to …

How to get all the AD groups for a particular user?

You should use System.DirectoryServices.AccountManagement. It’s much easier. Here is a nice Code Project article giving you an overview of all the classes in this DLL. As you pointed out, your current approach doesn’t find out the primary group. Actually, it’s much worse than you thought. There are some more cases where it doesn’t work, like …

How to programmatically change Active Directory password

You can use the UserPrincipal class’ SetPassword method, provided you have enough privileges, once you’ve found the correct UserPrincipal object. Use FindByIdentity to look up the principal object in question.

    using (var context = new PrincipalContext( ContextType.Domain ))
    {
        using (var user = UserPrincipal.FindByIdentity( context, IdentityType.SamAccountName, userName ))
        {
            user.SetPassword( "newpassword" );
            // or
            user.ChangePassword( …