Interacting with Active Directory using C# Application

Learn how to use the DirectoryEntry class of Microsoft .NET to interact with Active Directory.


Active Directory (AD)

Active Directory is a hierarchical structure that stores information about network components. Active Directory Domain Services provides a way to interact with objects in a network, such as organizational units, groups, users and services, so that these objects can be managed properly in a network environment.

The main goal of Active Directory Domain Services is to provide secure, structured, hierarchical data storage for the objects in a network environment.

Organizational Unit (OU)

An organizational unit is a subdivision of Active Directory that can contain objects such as users, groups, computers and other organizational units. It acts as a container in Active Directory, and you can create whatever organizational unit structure your requirements call for. The main purpose of an organizational unit is to set apart an area for a specific purpose.

Example:

A company may have many production units, so we can organize them like this:

Company (Main OU)
    Production_Unit_1 (Child OU1)
    Production_Unit_2 (Child OU2)
    Production_Unit_3 (Child OU3)

Groups

A group is a collection of users and accounts, contacts and other groups that can be named as a single unit. Groups in Active Directory are directory objects that can sit directly in a domain or in an organizational unit.

Example:

A company may have many users, so these users can be categorized like this:

Company (Main OU)
    Managers (Group1)
        User1
        User2
    Developers (Group2)
        User4
        User5

User

A user account provides a way to interact with the domain: to log in to a particular domain, we use a user account. A user can be part of any group. When creating the user, we can provide details about the user's privileges.


Code Implementation

To interact with Active Directory from a C# application, first add the following reference:

System.DirectoryServices

After adding this reference, add the following namespace to your code file:

using System.DirectoryServices;


Now look at the code below:

    // Path of the Active Directory domain service
    string strPrePath = "LDAP://";
    string strPath = "DC=yourdomain,DC=com";
    string strDomain = "yourdomain.com";

    public frmActiveDirectory()
    {
        InitializeComponent();
    }

    // Creating an organizational unit
    private void btnCreateOU_Click(object sender, EventArgs e)
    {
        try
        {
            // Name of the organizational unit
            string strOUName = "Organization1";

            // DirectoryEntry wraps native resources, so dispose it when done
            using (DirectoryEntry objDEOU = new DirectoryEntry(strPrePath + strPath))
            using (DirectoryEntry objOU = objDEOU.Children.Add("OU=" + strOUName, "organizationalUnit"))
            {
                // Committing the new child writes it to the directory
                objOU.CommitChanges();
            }
        }
        catch (Exception ex)
        {
            MessageBox.Show(ex.Message);
        }
    }

    // Creating a group
    private void btnCreateGroup_Click(object sender, EventArgs e)
    {
        try
        {
            // Group name
            string strGroupName = "Group1";

            using (DirectoryEntry objDEGroup = new DirectoryEntry(strPrePath + "OU=Organization1," + strPath))
            using (DirectoryEntry group = objDEGroup.Children.Add("CN=" + strGroupName, "group"))
            {
                // Description
                group.Properties["description"].Add("desc");

                group.CommitChanges();
            }
        }
        catch (Exception ex)
        {
            MessageBox.Show(ex.Message);
        }
    }

    // Creating a user
    private void btnCreateUser_Click(object sender, EventArgs e)
    {
        try
        {
            // User name
            string strUserName = "User500";

            using (DirectoryEntry objDEUser = new DirectoryEntry(strPrePath + "OU=Organization1," + strPath))
            using (DirectoryEntry objUser = objDEUser.Children.Add("CN=" + strUserName, "user"))
            {
                // User name (domain based)
                objUser.Properties["userprincipalname"].Add(strUserName + "@" + strDomain);

                // User name (older systems)
                objUser.Properties["samaccountname"].Add(strUserName);

                // Surname
                objUser.Properties["sn"].Add("LastName");

                // Forename
                objUser.Properties["givenname"].Add(strUserName);

                // Display name
                objUser.Properties["displayname"].Add(strUserName + " " + "LastName");

                // Description
                objUser.Properties["description"].Add(strUserName + "desc");

                // E-mail
                objUser.Properties["mail"].Add(strUserName + "@" + strDomain);

                // The user object must exist in the directory before its password can be set
                objUser.CommitChanges();

                // Password: sample value for this demo only; do not hard-code real passwords
                objUser.Invoke("SetPassword", new object[] { "second@123" });
                objUser.CommitChanges();
            }
        }
        catch (Exception ex)
        {
            MessageBox.Show(ex.Message);
        }
    }


Description:

btnCreateOU_Click() - creates the organizational unit in the given path
btnCreateGroup_Click() - creates the group in the given path
btnCreateUser_Click() - creates the user in the given path

I have written each operation in a separate button click event handler. You can change the path values to match your domain. To interact with Active Directory, the code uses an object of the DirectoryEntry class; when creating this object, you have to give the path for your domain.
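As an added example (not part of the original article's code): when the names passed to Children.Add come from user input instead of constants, the value should be escaped before it is concatenated into "CN=...", and the initial password should be generated instead of hard-coded. The class and method names are hypothetical, and ouPath is assumed to have the form used above, such as LDAP://OU=Organization1,DC=yourdomain,DC=com.

```csharp
using System;
using System.DirectoryServices;
using System.Security.Cryptography;
using System.Text;
static class AdProvisioningExample   // hypothetical helper, not from the article
{
    // Escape an RDN value (RFC 4514) so ',' or '+' in a supplied name cannot alter
    // the distinguished name; '/' is escaped too, as ADSI treats it as a path separator.
    public static string EscapeRdnValue(string value)
    {
        if (string.IsNullOrEmpty(value)) throw new ArgumentException("Name is empty.");
        var sb = new StringBuilder();
        for (int i = 0; i < value.Length; i++)
        {
            char c = value[i];
            bool edge = (i == 0 && (c == ' ' || c == '#')) || (i == value.Length - 1 && c == ' ');
            if (c == '\0') sb.Append("\\00");
            else if (edge || "\"+,;<>\\=/".IndexOf(c) >= 0) sb.Append('\\').Append(c);
            else sb.Append(c);
        }
        return sb.ToString();
    }

    // Random initial password; the fixed suffix only guarantees the complexity classes.
    public static string NewInitialPassword()
    {
        var buf = new byte[18];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(buf);
        return Convert.ToBase64String(buf) + "aA1!";
    }

    // Creates an enabled user that must change its password at first logon.
    public static string CreateUser(string ouPath, string userName, string domain)
    {
        string password = NewInitialPassword();
        using (var ou = new DirectoryEntry(ouPath))
        using (var user = ou.Children.Add("CN=" + EscapeRdnValue(userName), "user"))
        {
            user.Properties["sAMAccountName"].Value = userName;
            user.Properties["userPrincipalName"].Value = userName + "@" + domain;
            user.CommitChanges();                        // object must exist before SetPassword
            user.Invoke("SetPassword", new object[] { password });
            user.Properties["pwdLastSet"].Value = 0;     // require a change at next logon
            user.Properties["userAccountControl"].Value = 0x200; // NORMAL_ACCOUNT, enabled
            user.CommitChanges();
        }
        return password;   // deliver out of band; never log or hard-code it
    }
}
```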

After this code executes successfully, you can check the Active Directory structure:

Output-





Here you can find the complete code-
Active Directory

You may also want to learn how to authenticate to Active Directory across domain controllers in C#.



By Jitendra Faye