Checking a User Exists in Active Directory

This isn’t a long post, just a useful snippet of code. I was working on some code for a system this afternoon and I needed to check that a username was a valid user in Active Directory using C#. This isn’t something I have had to code before, so I thought I would share this useful nugget of code. I hope you find it useful.

using System;
using System.Linq;
using System.DirectoryServices.AccountManagement;

namespace ActiveDirectory
{
    public static class ActiveDirectory
    {
        // Returns true if an account with the given sAMAccountName exists in the domain.
        public static bool CheckUserinAD(string domain, string username)
        {
            // Bind to the domain with the credentials of the running process.
            using (var domainContext = new PrincipalContext(ContextType.Domain, domain))
            {
                // Query by example: only the properties set on this principal are used as search criteria.
                using (var user = new UserPrincipal(domainContext))
                {
                    user.SamAccountName = username;

                    using (var pS = new PrincipalSearcher())
                    {
                        pS.QueryFilter = user;

                        using (PrincipalSearchResult<Principal> results = pS.FindAll())
                        {
                            // Any() stops at the first match instead of enumerating every result.
                            if (results != null && results.Any())
                            {
                                return true;
                            }
                        }
                    }
                }
            }

            return false;
        }
    }
}

2 thoughts on “Checking a User Exists in Active Directory”

  1. amar

    Hi Stephen, the System.DirectoryServices.AccountManagement namespace is for user management on AD and it allows read and WRITE operations on AD. It could be potentially unsafe based on the user rights. IMO you should use the System.DirectoryServices namespace for querying, using the snippet below.

    // Requires: using System; using System.DirectoryServices;
    public static bool CheckUserinAD(string user)
    {
        try
        {
            string LDAPServer = "ldapserver"; // placeholder: directory server
            string LDAPUser = "ldapuser";     // placeholder: bind account
            string LDAPPwd = "ldappwd";       // placeholder: bind password
            SearchResult sr = null;

            using (DirectoryEntry de = new DirectoryEntry("LDAP://" + LDAPServer, LDAPUser, LDAPPwd))
            {
                using (DirectorySearcher sea = new DirectorySearcher(de))
                {
                    //sea.Filter = "(&(objectCategory=user)(samAccountName=" + "\"" + user + "\"" + "))";
                    // user is placed in the filter as-is; escape LDAP filter special
                    // characters (* ( ) \ NUL) before passing untrusted input here.
                    sea.Filter = "(&(objectCategory=user)(samAccountName=" + user + "))";
                    sr = sea.FindOne();
                }
            }
            return sr != null;
        }
        catch (Exception)
        {
            // Any bind or search failure is reported as "user not found".
            return false;
        }
    }

    Reply
  2. landeskmanager

    Hi Stephen, the System.DirectoryServices.AccountManagement namespace is for user management on AD and it allows read and WRITE operations on AD. It could be potentially unsafe based on the user rights. IMHO you should use the System.DirectoryServices namespace for querying, using the snippet below.

    // Requires: using System; using System.DirectoryServices;
    public static bool CheckUserinAD(string user)
    {
        try
        {
            string LDAPServer = "ldapserver"; // placeholder: directory server
            string LDAPUser = "ldapuser";     // placeholder: bind account
            string LDAPPwd = "ldappwd";       // placeholder: bind password
            SearchResult sr = null;

            using (DirectoryEntry de = new DirectoryEntry("LDAP://" + LDAPServer, LDAPUser, LDAPPwd))
            {
                using (DirectorySearcher sea = new DirectorySearcher(de))
                {
                    // user is placed in the filter as-is, without escaping.
                    sea.Filter = "(&(objectCategory=user)(samAccountName=" + user + "))";
                    sr = sea.FindOne();
                }
            }
            return sr != null;
        }
        catch (Exception)
        {
            // Any bind or search failure is reported as "user not found".
            return false;
        }
    }

    Reply
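
An added example, not code from the post or from either commenter: the DirectorySearcher lookup discussed in the comments, with the account name escaped per RFC 4515 before it is placed in the filter, so that `*`, `(`, `)` and `\` are matched literally instead of being parsed as filter syntax. The class name, the `ldapPath` parameter, the length limit and the sample inputs are assumptions made for illustration.

```csharp
using System;
using System.DirectoryServices;
using System.Text;

public static class AdUserLookup // hypothetical name for this example
{
    // Escape a value for use inside an LDAP search filter (RFC 4515, section 3).
    public static string EscapeLdapFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // ldapPath is an assumption, e.g. "LDAP://dc01.example.test/DC=example,DC=test".
    // Exceptions propagate, so a directory outage is not reported as "no such user".
    public static bool UserExists(string ldapPath, string samAccountName)
    {
        // 256 is an arbitrary sanity limit chosen for this example.
        if (string.IsNullOrWhiteSpace(samAccountName) || samAccountName.Length > 256)
            return false;
        string filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                        + EscapeLdapFilterValue(samAccountName) + "))";
        // No credentials in code: the bind uses the identity of the running process,
        // which only needs read access to the directory.
        using (var root = new DirectoryEntry(ldapPath))
        using (var searcher = new DirectorySearcher(root, filter, new[] { "sAMAccountName" }))
        {
            return searcher.FindOne() != null;
        }
    }

    public static void Main()
    {
        // Constructed inputs: show how each value is escaped; no directory is contacted.
        foreach (var s in new[] { "jsmith", "*", "smith (contractor)", @"a\b" })
            Console.WriteLine(s + " -> " + EscapeLdapFilterValue(s));
    }
}
```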
