Question

I am trying to make use of the Active Directory membership rather than SQL but there is very limited documentation available online. I have managed to connect my application to the domain controller without any problems but when you use "Context.User.Identity.Name" it comes up with DOMAIN\User. I want to basically drill down and get information such as full name, e-mail address, etc.

I just need a useful link and the searching I have done doesn't appear to have got me anywhere!

Many thanks

Solution

This should give you a bit of a clue: http://msdn.microsoft.com/en-us/library/ms973834.aspx and here is a list of LDAP properties that you might want to play around with in the search result: http://www.computerperformance.co.uk/Logon/LDAP_attributes_active_directory.htm

OTHER TIPS

If you are making use of Active Directory then you are likely using Windows Authentication. If so, all you need to do is:

  1. Reference System.DirectoryServices.AccountManagement

  2. In code (perhaps a controller action or model constructor)

    // at the top of the file
    using System.DirectoryServices.AccountManagement;

    // establishes your domain as the context for your user lookup
    var principalContext = new PrincipalContext(ContextType.Domain, "domainName");

    // gets the current user's UserPrincipal object
    var userPrincipal = UserPrincipal.FindByIdentity(principalContext, User.Identity.Name);

    // example
    var email = userPrincipal.EmailAddress;

Note:

  • This works because Windows Authentication means User.Identity on the current HttpContext is a WindowsIdentity and thus its Name property can be used to search AD.

  • You aren't limited to looking up the current user. You can use FindByIdentity() to search any value passed, and this method exists on other principals (e.g. GroupPrincipal). You can also designate that you wish to search by another type such as SID instead of Name.

Enjoy!
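
Added example, not part of the original answers: a lookup of the current user by SID (the alternative identity type mentioned in the note above) that handles a non-Windows or missing user, disposes the directory objects, and reads one attribute that has no typed property. The names `DirectoryUserInfo` and `DirectoryLookup`, and the choice of the `department` attribute, are assumptions for illustration; the code also assumes the server is joined to the user's domain.

```csharp
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;
using System.Security.Principal;

// Hypothetical DTO for the attributes the application needs.
public sealed class DirectoryUserInfo
{
    public string DisplayName { get; set; }
    public string Email { get; set; }
    public string Department { get; set; }
}

public static class DirectoryLookup
{
    // Returns null when the caller is not an authenticated Windows identity
    // or when no matching user object exists in the directory.
    public static DirectoryUserInfo ForCurrentUser(IIdentity identity)
    {
        var windowsIdentity = identity as WindowsIdentity;
        if (windowsIdentity == null || !windowsIdentity.IsAuthenticated || windowsIdentity.User == null)
            return null;

        // Assumption: the current machine's domain is the one to search.
        // Both objects hold directory connections, so dispose them.
        using (var context = new PrincipalContext(ContextType.Domain))
        using (var user = UserPrincipal.FindByIdentity(
                   context, IdentityType.Sid, windowsIdentity.User.Value))
        {
            if (user == null)
                return null;

            var info = new DirectoryUserInfo
            {
                DisplayName = user.DisplayName,
                Email = user.EmailAddress
            };

            // Attributes without a typed property come from the underlying DirectoryEntry.
            var entry = user.GetUnderlyingObject() as DirectoryEntry;
            if (entry != null && entry.Properties.Contains("department"))
                info.Department = entry.Properties["department"].Value as string;

            return info;
        }
    }
}
```

Call it with `User.Identity` from a controller action. Searching by SID avoids depending on the DOMAIN\User string, which changes if the account is renamed.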

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow