Get Details Of Logged In User From LDAP In .NET Core 2 Razor Pages

Introduction

Many times, we face a situation where we need to get details of the logged in user, such as  - Manager, Department, Last Name, First Name, Email details etc. Although we can leverage PrincipalContext() and UserPrincipal() methods provided by namespace System.DirectoryServices, it would not provide details like Manager and Department of the logged in user.

In order to achieve this, I have found a way by using DirectorySearcher() and DirectoryEntry() methods which are provided by the same namespace System.DirectoryServices. These methods would get the details from the LDAP of the organization. Below is the step-by-step description on how to achieve this.

The following software/concepts are used in this document.

  1. Visual Studio 2019
  2. Razor Pages
  3. .Net Core 2.0
  4. LDAP
  5. Net Core Web Application
  6. C# Language

Open your project in Visual Studio 2019

In my case, I am opening the earlier created project where Razor pages are present.

Get Details Of The Logged In User From LDAP In .NET Core 2 Razor Pages

In my example, I want to call a method with impersonation in a custom Razor page named “Index.cshtml.cs” under “Customers” folder.

Call method to get the current path of the LDAP ()

  1. Put the below code where you want to use the details. In my example, I am putting this code in OnGetAsync() method.
    1. // -- Code to get current address of the LDAP----  
    2. DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");  
    3. var defaultNamingContext = rootDSE.Properties["defaultNamingContext"].Value;  
    Here, we are using “RootDSE” to find out the current path of the LDAP where we can search for the logged in user. In case you already know the LDAP path for your domain, you can skip this step.
  1. Once we get the current path, we can use that to perform DirectorySearch using DirectorySearcher() method. We are performing the search based on the “sAMAccountName” property given by LDAP. Replace “ABCDEFGHI” with your user login ID.
    1. //--- Code to use the current address for the LDAP and query it for the user---                  
    2. DirectorySearcher dssearch = new DirectorySearcher("LDAP://" + defaultNamingContext);  
    3.             dssearch.Filter = "(sAMAccountName=ABCDEFGHI)";  
    4.             SearchResult sresult = dssearch.FindOne();  
    5.             DirectoryEntry dsresult = sresult.GetDirectoryEntry();  
  2. Once we search LDAP for the user, we can get the properties provided by LDAP. In my example, I am using FirstName, LastName, Email, Department and Manager.
    1. //--- Code for getting the properties of the logged in user from AD  
    2.             var FirstName = dsresult.Properties["givenName"][0].ToString();  
    3.             var LastName = dsresult.Properties["sn"][0].ToString();  
    4.             var Email = dsresult.Properties["mail"][0].ToString();  
    5.             var Department = dsresult.Properties["department"][0].ToString();  
    6.             var Manager = dsresult.Properties["manager"][0].ToString();  
    In order to get complete properties and on various other operations on Active Directory, you can refer to a very informative article by Dhananjay Kumar here.
  1. The complete code looks like below.
    1. // -- Code to get current address of the LDAP----  
    2. DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");  
    3.             var defaultNamingContext = rootDSE.Properties["defaultNamingContext"].Value;  
    4.   
    5. //--- Code to use the current address for the LDAP and query it for the user---                  
    6. DirectorySearcher dssearch = new DirectorySearcher("LDAP://" + defaultNamingContext);  
    7.             dssearch.Filter = "(sAMAccountName=ABCDEFGHI)";  
    8.             SearchResult sresult = dssearch.FindOne();  
    9.             DirectoryEntry dsresult = sresult.GetDirectoryEntry();  
    10.   
    11. //--- Code for getting the properties of the logged in user from AD  
    12.             var FirstName = dsresult.Properties["givenName"][0].ToString();  
    13.             var LastName = dsresult.Properties["sn"][0].ToString();  
    14.             var Email = dsresult.Properties["mail"][0].ToString();  
    15.             var Department = dsresult.Properties["department"][0].ToString();  
    16.             var Manager = dsresult.Properties["manager"][0].ToString();  
    Get Details Of The Logged In User From LDAP In .NET Core 2 Razor Pages
  1. Test the files by putting a debug point at any of the properties and then, right-click on the Index file and open it with the browser. You will get the correct value from LDAP for the user.

That is it. I hope you have learned something new from this article and will utilize this in your work.