Question

I'm trying to query a domain to determine if:

  1. User is a valid user (and has the correct password)
  2. User is enabled
  3. User belongs to group x

My development machine does not belong to this domain. I want to specify the username and password via my application.

I'm using the System.DirectoryServices.AccountManagement namespace as this seems to be the most efficient way of doing this; however, I've been struggling to get even the most basic information out of my domain controller.

I can explore LDAP via another tool.

First test is to collect user information, the code below returns null on user. The user however is valid.

What am I doing wrong?

    // set up domain context
    PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "server", "CN=Users,DC=doom,DC=home", "ldapuser", "password");

    // get user context
    UserPrincipal user = UserPrincipal.FindByIdentity(ctx, IdentityType.Name, username);

    // is user locked?
    var locked = user.Enabled;

Update:

Having defined the bind method as below, I now receive error "Information about the domain could not be retrieved (1355)."

    var ctx = new PrincipalContext(ContextType.Domain, "server", "DC=doom,DC=home", ContextOptions.SimpleBind, "ldapuser", "password");

Solution

Sorted.

This answer resolves the two issues I came across when attempting to connect to a domain controller that I am not a member of.

This article got me the final answer: http://elegantcode.com/2009/03/21/one-scenario-where-the-systemdirectoryservices-accountmanagement-api-falls-down/

  1. You need to define the bind in the context (i.e. ContextOptions.SimpleBind).
  2. You must set up the domain server in your network adapter's DNS settings as the first DNS server to use.

I can now connect to my AD and collect data.
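
The three checks from the question, combined with the bind option from the answer, as an added example that is not part of the original posts. The names `AdCheck`, `IsAuthorized` and `groupName` are hypothetical, and the code assumes the domain controller serves LDAPS on port 636 so that the simple bind does not send credentials in cleartext; the DNS setting from the answer is still required.

```csharp
using System.DirectoryServices.AccountManagement;

static class AdCheck
{
    // Returns true only if the credentials are valid, the account is enabled
    // and not locked out, and the user is a member of groupName.
    public static bool IsAuthorized(string username, string password, string groupName)
    {
        // SimpleBind alone transmits the password in cleartext, so it is
        // paired with SecureSocketLayer (assumption: LDAPS is available).
        const ContextOptions options =
            ContextOptions.SimpleBind | ContextOptions.SecureSocketLayer;

        // Server, container and lookup account are the values from the question.
        using (var ctx = new PrincipalContext(ContextType.Domain, "server:636",
                   "DC=doom,DC=home", options, "ldapuser", "password"))
        {
            // 1. Valid user with the correct password.
            if (!ctx.ValidateCredentials(username, password, options))
                return false;

            // Look up by logon name (sAMAccountName) rather than by name (CN).
            using (var user = UserPrincipal.FindByIdentity(
                       ctx, IdentityType.SamAccountName, username))
            {
                if (user == null)
                    return false;

                // 2. Enabled is a nullable bool; treat "unknown" as disabled.
                //    Lockout is a separate state from disabled, so check both.
                if (user.Enabled != true || user.IsAccountLockedOut())
                    return false;

                // 3. Group membership.
                using (var group = GroupPrincipal.FindByIdentity(
                           ctx, IdentityType.Name, groupName))
                {
                    return group != null && user.IsMemberOf(group);
                }
            }
        }
    }
}
```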

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow