Query user data logged in Windows Authentication

Asked

Viewed 1,024 times

7

In my application I use the authentication mode="Windows" as a form of authentication.

This way, I can know the user name, referring to the field in AD and the domain of the same using HttpContext.Current.User.Identity.Name, ex: DOMAIN\username. I would like to know if I can recover other user information like email, description, etc.

Using the ActiveDirectoryMembershipProvider I have access to other fields, like userprincipalname, samaccountname, mail, etc. I wonder if using the authentication mode="Windows" I can return that data. If not, I can return some other data other than authentication mode="Windows" ?

asp.net-mvc-5 asp.net-identity active-directory

  • @Marconi I have already checked this, but not found it. I am using Identity, with Authentication mode="windows". With that, I’m not able to access these properties.

1 answer

4


I wrote a Helper (a static class with static methods) with a method that locates users of a domain with their information and another that details a specific user:

using MeuProjeto.ViewModels;
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;
using System.Linq;
using System.Web;

namespace MeuProjeto.Helpers
{
    public static class ActiveDirectoryHelper
    {
        public static ActiveDirectoryUserViewModel GetADUser(String search)
        {
            using (var context = new PrincipalContext(ContextType.Domain, "meudominiodoad"))
            {
                var result = UserPrincipal.FindByIdentity(context, search);

                var groups = result.GetGroups().ToList();

                return new ActiveDirectoryUserViewModel
                {
                    DisplayName = result.DisplayName,
                    Email = result.EmailAddress,
                    Mapped = true,
                    UserName = result.UserPrincipalName,
                    Groups = result.GetGroups()
                };
            }
        }

        public static IEnumerable<ActiveDirectoryUserViewModel> GetADUsers()
        {
            using (var context = new PrincipalContext(ContextType.Domain, "meudominiodoad"))
            {
                using (var searcher = new PrincipalSearcher(new UserPrincipal(context)))
                {
                    foreach (var result in searcher.FindAll())
                    {
                        DirectoryEntry de = result.GetUnderlyingObject() as DirectoryEntry;
                        yield return new ActiveDirectoryUserViewModel
                        {
                            DisplayName = (de.Properties["displayName"].Value ?? de.Properties["name"].Value).ToString(),
                            UserName = de.Properties["sAMAccountName"].Value.ToString()
                        };
                    }
                }
            }
        }
    }
}

Here are the Properties of DirectoryEntry that you can use.

Browser other questions tagged asp.net-mvc-5 asp.net-identity active-directory

You are not signed in. Login or sign up in order to post.