65.9K
CodeProject is changing. Read more.
Home

Active Directory with ASP.NET MVC (.NET)

Mina bedier
starIconstarIconstarIconstarIcon
emptyStarIcon
starIcon

4.25/5 (8 votes)

Mar 7, 2019

CPOL

1 min read

viewsIcon

50126

Active Directory with ASP.NET MVC

Introduction

When it comes to access Microsoft's Active Directory using C#, a lot of people get confused how to get started. This article attempts to show you how to communicate with active directory using C# in a simple way. I make a simple web application interact with active directory using ASP.NET MVC .This application performs only three operations on active directory:

  • get all users
  • get all groups
  • reset password for users

Background

You should have some basic knowledge with ASP.NET MVC.

Active Directory

  1. Install Windows Server 2012 R2.
  2. Install Active Directory Domain Service.
  3. Create new domain in a new forest. I named it “MBS.Com”.
  4. Add organizational unit and named it “DevOU.
  5. Add some users and groups in OU.

Using the Code

There are two namespaces to communicate Active Directory with C#:

  1. System.DirectoryServices.ActiveDirectory
  2. System.DirectoryServices.AccountManagement (this is what I used)

Note

In my case, IIS server and directory domain controller reside on the same machine to run task successfully.

  • Add Action called HomePage in your Controller containing two buttons, one for Users and other for Groups. 
         public ActionResult HomePage()
        {
            return View();
        }
  • Add View for this Action: 
    @{
    ViewBag.Title = "HomePage";
}
@*<h2>HomePage</h2>*@
<br />
<br />
<div class="row text-center">
    <div class="col lg-6">
        @Html.ActionLink
         ("Users", "GetAllUsers", "Home", null, new { @class = "btn btn-primary" })
        @Html.ActionLink
         ("Groups", "GetAllGroups", "Home", null, new { @class = "btn btn-primary" })
    </div>
</div>

  • Add two Classes for User and Group in Models Folder: 
        public class User
    {
        public int Id { get; set; }
        [Display(Name = "Display Name")]
        public string DisplayName { get; set; }
        public string Samaccountname { get; set; }
    }  

    public class Group
    {
        public int Id { get; set; }
        [Display(Name = "Group Name")]
        public string GroupName { get; set; }
    }
  • Then we will implement three methods which will be performed on Active Directory: Get All Users, Get All Groups, Set Password: 
          public ActionResult GetAllUsers()
        {
            List<User> ADUsers = GetallAdUsers();
            return View(ADUsers);
        }

        public ActionResult GetAllGroups()
        {
            List<Group> ADGroups = GetallGroups();
            return View(ADGroups);
        }

        //if you want to get Groups of Specific OU you have to add OU Name in Context        
        public static List<User> GetallAdUsers()
        {
            List<User> AdUsers = new List<User>();
            //MBS.com My Domain Controller which i created 
            //OU=DevOU --Organizational Unit which i created 
            //and create users and groups inside it 
            var ctx = new PrincipalContext(ContextType.Domain, "MBS","OU=DevOU,DC=MBS,DC=com");
            UserPrincipal userPrin = new UserPrincipal(ctx);
            userPrin.Name = "*";
            var searcher = new System.DirectoryServices.AccountManagement.PrincipalSearcher();
            searcher.QueryFilter = userPrin;
            var results = searcher.FindAll();
            foreach (Principal p in results)
            {
                AdUsers.Add(new User { DisplayName = p.DisplayName, 
                                       Samaccountname = p.SamAccountName });
            }
            return AdUsers;
        }

        public ActionResult ResetPassword(string Samaccountname)
        {
            //i get the user by its SamaccountName to change his password
            PrincipalContext context = new PrincipalContext
                                       (ContextType.Domain, "MBS", "OU=DevOU,DC=MBS,DC=com");
            UserPrincipal user = UserPrincipal.FindByIdentity
                                 (context, IdentityType.SamAccountName, Samaccountname);
            //Enable Account if it is disabled
            user.Enabled = true;
            //Reset User Password
            string newPassword = "P@ssw0rd";
            user.SetPassword(newPassword);
            //Force user to change password at next logon dh optional
            user.ExpirePasswordNow();
            user.Save();
            TempData["msg"] = "<script>alert('Password Changed Successfully');</script>";
            return RedirectToAction("GetAllUsers");
        }

        //if you want to get all Groups of Specific OU you have to add OU Name in Context 
        public static List<Group> GetallGroups()
        {  
            List<Group> AdGroups = new List<Group>();
            var ctx = new PrincipalContext(ContextType.Domain, "MBS", "OU=DevOU,DC=MBS,DC=com");
            GroupPrincipal _groupPrincipal = new GroupPrincipal(ctx);

            PrincipalSearcher srch = new PrincipalSearcher(_groupPrincipal);

            foreach (var found in srch.FindAll())
            {
                AdGroups.Add(new Group { GroupName = found.ToString() });
                          
            }
            return AdGroups;
        }
  • Then Add view for GetAllUsers action. 
        @model IEnumerable<ActiveDirectory.Models.User>
@{
    ViewBag.Title = "GetAllUsers";
}

<br />

<form>
    <div class="form-group">
        <label for="SearchInput" class="col-sm-2 col-form-label">Search for User</label>
        <div class="col-md-10">
            <input type="text" class="form-control" id="SearchInput" 
             onkeyup="myFunction()" placeholder="Enter User">
        </div>
    </div>
</form>

<br />
<br />
@Html.Raw(TempData["msg"])

    <table class="table table-bordered table-striped" id="tblUsers">
        <tr>
            <th>
                @Html.DisplayNameFor(model => model.DisplayName)
            </th>
            <th>
                @Html.DisplayNameFor(model => model.Samaccountname)
            </th>
            <th></th>
        </tr>

        @foreach (var item in Model)
        {
            <tr>
                <td>
                    @Html.DisplayFor(modelItem => item.DisplayName)
                </td>
                <td>
                    @Html.DisplayFor(modelItem => item.Samaccountname)
                </td>
                <td>
                    @Html.ActionLink("Reset Password", "ResetPassword", 
                                      new { Samaccountname = item.Samaccountname })
                </td>
            </tr>
        }

    </table>

@section scripts
{
    <script>

function myFunction() {
  var input, filter, table, tr, td, i;
  input = document.getElementById("SearchInput");
  filter = input.value.toUpperCase();
  table = document.getElementById("tblUsers");
  tr = table.getElementsByTagName("tr");
  for (i = 0; i < tr.length; i++) {
    td = tr[i].getElementsByTagName("td")[0];
    if (td) {
      if (td.innerHTML.toUpperCase().indexOf(filter) > -1) {
        tr[i].style.display = "";
      } else {
        tr[i].style.display = "none";
      }
    }
  }
}
</script>
}

  • Add another view for GetAllGroups Action. 
     @model IEnumerable<ActiveDirectory.Models.Group>
@{
    ViewBag.Title = "GetAllGroups";
}
<br />

<table class="table table-striped table-bordered">
    <tr>
        <th>
            @Html.DisplayNameFor(model => model.GroupName)
        </th>
    </tr>

@foreach (var item in Model) {
    <tr>
        <td>
            @Html.DisplayFor(modelItem => item.GroupName)
        </td>

    </tr>
}
</table>

Notes

All these functionalities work on specific organizational unit I have created “DevOU”.
To get All Users and groups of Active Directory, just remove “OU” from path in the context.

History

  • 7th March, 2019: Initial version