Get distinguished name from Active Directory of currently logged in user

Tunc Jamgocyan picture Tunc Jamgocyan · May 3, 2012 · Viewed 22.4k times · Source

How can I get the distinguished name from Active Directory of the currently logged in user in C#?

Answer

empi picture empi · May 3, 2012

Check following snippet. You have pass to Identity.Name from IPrincipal. I assume that the user is already authenticated in Active Directory (ie. using standard IIS authorization methods).

private string GetUserName(string identity)
{
    if (identity.Contains("\\"))
    {
        string[] identityList = identity.Split('\\');
        return identityList[1];
    }
    else
    {
        return identity;
    }
}

public string GetUserDn(string identity)
{            
    var userName = GetUserName(identity);   
    using (var rootEntry = new DirectoryEntry("LDAP://" + adConfiguration.ServerAddress, null, null, AuthenticationTypes.Secure))
    {       
        using (var directorySearcher = new DirectorySearcher(rootEntry, String.Format("(sAMAccountName={0})", userName)))
        {
            var searchResult = directorySearcher.FindOne();                    
            if (searchResult != null)
            {
                using (var userEntry = searchResult.GetDirectoryEntry())
                {
                    return (string)userEntry.Properties["distinguishedName"].Value;                 
                }
            }
        }                
    }   
    return null;
}