Create an Active Directory Parser based on Organisational Units (OUs)

LDAP queries look like this:

("CN=Dev-UK,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com");

What it means:

  • CN = Common Name
  • OU = Organizational Unit
  • DC = Domain Component

These are all parts of the X.500 Directory Specification, which defines nodes in a LDAP directory.

Each = pair is a search criteria.

With the query

("CN=Dev-UK,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com");

In effect the query is:

From the com Domain Component, find the google Domain Component, and then inside it the glDomain Component and then inside it the gp Domain Component.

In the gp Domain Component, find the Organizational Unit called Distribution Groups and then find the the object that has a common name of Dev-UK.

In order to list all users in this OU, you can write the following function:

public ArrayList EnumerateOU(string domainController, string OuDn, string username, string password)
 {
 ArrayList alObjects = new ArrayList();
 try
 {
 DirectoryEntry directoryObject = new DirectoryEntry("LDAP://" + domainController + "/" + OuDn);
 directoryObject.Username = username;
 directoryObject.Password = password;
 directoryObject.AuthenticationType = AuthenticationTypes.Secure;
 
 foreach (DirectoryEntry child in directoryObject.Children)
 {
 string childPath = child.Path.ToString();
 alObjects.Add(childPath.Remove(0, 7));
 //remove the LDAP prefix from the path
child.Close();
 child.Dispose();
 }
 directoryObject.Close();
 directoryObject.Dispose();
 }
 catch (DirectoryServicesCOMException e)
 {
 Console.WriteLine("An Error Occurred: " + e.Message.ToString());
 }
 return alObjects;
 }
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s