Getting Active Directory Info when using Windows Authentication?

Question

I am using Windows authentication on my asp.net MVC 3 app. Is there any way possible to get the users information out of active directory?

I know I can user User.Name.Id

Answer 1

Of course!! If you're using .NET 3.5 or up, it's actually pretty easy.

Basically, use the System.DirectoryServices.AccoutManagement namespace (read all about it here: Managing Directory Security Principals in the .NET Framework 3.5).

Then: you need to "find" the user and grab it's properties - use code something like this:

// create domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

// find the user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, "username");

if(user != null)
{
    // access the user's properties in a nice, object-oriented way
}

Answer 2

Sounds like you may want to use the System.DirectoryServices namespace. Here's a guide on how you can read properties of a Directory object.

Answer 3

In my environment I had to add this to the section in Web.config:

<identity impersonate="true" />

Answer 4

If your code is running under the context of the user that you need information for, it gets even lighter (i.e. Windows Authentication):

//Must reference System.DirectoryServices.AccountManagement
var user = UserPrincipal.Current;

var firstName = user.GivenName;
var lastName = user.Surname;