Retrieving the Current User's Active Directory Object

If you are writing a program that leverages Active Directory, there may be times when you want to retrieve the current user's AD object. It can be handy for situations where you need the user's email address, account information, or some other piece of data stored in the directory. Below is a code snippet that retrieves the current user object and translates an NT domain name into a distinguished name, all through managed code (as opposed to DsCrackNames, which uses RPC and interop).

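using System;
using System.DirectoryServices;
using System.Security.Principal;
using System.Text.RegularExpressions;

// Both members below belong inside a class of your choosing.
public static DirectoryEntry CurrentUser
{
    get
    {
        // WindowsIdentity names have the form DOMAIN\user (NetBIOS domain name).
        string[] currentUserName = WindowsIdentity.GetCurrent().Name.Split('\\');
        string domainDistinguishedName = GetDistinguishedName(currentUserName[0]);
        if (domainDistinguishedName == null)
        {
            // No matching domain partition (for example, a local machine account).
            // Without this check the path would be just "LDAP://", which no longer
            // names the user's own domain.
            return null;
        }

        // The account name is placed in the filter unescaped; '(' and ')' are legal
        // in a sAMAccountName and would need RFC 4515 escaping.
        using (DirectoryEntry domain = new DirectoryEntry("LDAP://" + domainDistinguishedName))
        using (DirectorySearcher searcher = new DirectorySearcher(domain,
            String.Format("(sAMAccountName={0})", currentUserName[1])))
        {
            // The caller owns the returned entry and should dispose it.
            SearchResult result = searcher.FindOne();
            return result != null ? result.GetDirectoryEntry() : null;
        }
    }
}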

public static string GetDistinguishedName(string netbiosName)
{
    if (string.IsNullOrEmpty(netbiosName))
    {
        throw new ArgumentNullException("netbiosName");
    }
    // This allow-list also keeps LDAP filter metacharacters out of the search below.
    if (!Regex.IsMatch(netbiosName, @"^[-\w]{1,15}$"))
    {
        throw new ArgumentException("Invalid NetBIOS domain name format. Domain name should be a maximum of 15 alphanumeric characters (including dashes).", "netbiosName");
    }

    // RootDSE exposes the forest's configuration naming context.
    string configurationPath;
    using (DirectoryEntry rootDse = new DirectoryEntry("LDAP://RootDSE"))
    {
        configurationPath = (string)rootDse.Properties["configurationNamingContext"].Value;
    }

    // Each crossRef object under CN=Partitions maps a NetBIOS name to a naming context (nCName).
    using (DirectoryEntry partitions = new DirectoryEntry("LDAP://CN=Partitions," + configurationPath))
    using (DirectorySearcher searcher = new DirectorySearcher(partitions,
        String.Format("(&(objectClass=crossRef)(nETBIOSName={0}))", netbiosName),
        new string[] { "nCName" },
        SearchScope.OneLevel))
    {
        SearchResult result = searcher.FindOne();

        // null means no partition in this forest carries that NetBIOS name.
        string distinguishedName = null;
        if (result != null)
        {
            distinguishedName = result.Properties["nCName"][0] as string;
        }
        return distinguishedName;
    }
}

From there you can easily retrieve the user's email address:

DirectoryEntry user = CurrentUser; // null when no matching account was found
Console.WriteLine(user == null ? null : user.Properties["mail"].Value as string);

Enjoy!

Comments

Bernhard Hofmann said:

Beware the gotcha if you copy to the clipboard and paste to an editor. The ampersand on line 40 may be converted to ampersand-a-n-d-semicolon, and that will fail.
