Finding CN of users in Active Directory

elcool picture elcool · Nov 11, 2010 · Viewed 122.6k times · Source

I'm trying to find the Base DN of the user that can access or controls all the users in Active Directory so I can put it in my LDAP.

Usually someone will give me this, and it looks like DC=domain,DC=company,DC=com

But the admin is not available, so I don't know how to find this in Active Directory.

I'm looking for a step by step to find this info. Which tree and tabs to open and how to construct it. My user is: admin, the server is: controller-16.domain.company.com But I don't know if they added OU or groups or something else

I know that this:

CN=admin,DC=domain,DC=company,DC=com

does not work. Nor does:

DC=domain,DC=company,DC=com

If the Base DN works on Gawor's LDAP Browser, then it will work for my LDAP.

Answer

marc_s picture marc_s · Nov 11, 2010

You could try my Beavertail ADSI browser - it should show you the current AD tree, and from it, you should be able to figure out the path and all.

alt text

Or if you're on .NET 3.5, using the System.DirectoryServices.AccountManagement namespace, you could also do it programmatically:

PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

This would create a basic, default domain context and you should be able to peek at its properties and find a lot of stuff from it.

Or:

UserPrincipal myself = UserPrincipal.Current;

This will give you a UserPrincipal object for yourself, again, with a ton of properties to inspect. I'm not 100% sure what you're looking for - but you most likely will be able to find it on the context or the user principal somewhere!