
I'm trying to get the domain controller that the client machine of an ASP.NET application is connected to using C#.

The application is an Intranet application that will never be exposed to the Internet and every user using the application must be authenticated through Windows. This therefore means that the user will always be connected to a domain controller in our corporate network.

I've tried using the following code but it is returning the domain controller that the IIS server is connected to:

using System;
using System.DirectoryServices;

public static string GetDC()
{
    // rootDSE is served by whichever DC the IIS worker process binds to,
    // so this reports the web server's domain controller, not the client's.
    using (DirectoryEntry entry = new DirectoryEntry("LDAP://rootDSE"))
    {
        return entry.Properties["dnsHostname"].Value.ToString();
    }
}

I've read several other questions on the matter that all seem to produce the IIS server's domain controller.

My question is whether it is possible to obtain the client's connected domain controller and, if so, how?

Gareth

1 Answer


A couple of things about Active Directory authentication:

  • Users don't connect to a domain controller. They are authenticated against Active Directory, which is a distributed service hosted by one or many domain controllers which replicate information amongst one another.
  • When a user is authenticated by a web application, it is IIS that performs the authentication. A 401 challenge is issued, and the user's machine supplies the credentials in the form of a token. IIS then uses that token to authenticate, authorize, and identify the user.
  • A web application user authenticated by Windows Authentication is represented on the server by a WindowsIdentity object. The WindowsIdentity object contains very few properties, none of which will expose underlying AD information (other than the domain/username).
  • Client-side code (i.e. JavaScript) is not going to have access to sensitive AD information on your machine. That would be very bad if it did.

If you want details on exactly how authentication works in AD, have a look here: https://technet.microsoft.com/en-us/library/cc780332(v=ws.10).aspx

Now, if users are on different domains, then you CAN get the domain from the user's username and use that to perform AD lookups.

string userNameWithDomain = HttpContext.Current.User.Identity.Name; // returns SOMEDOMAIN\USERNAME

You split on the '\' and take the first element.

DVK
  • Thanks for the response. As you can probably tell by my lack of knowledge on the matter, I've no real idea about AD! The reason why I'm after the DC is because the naming convention within our corporate network is an easy identifier as to which site a user is at. – Gareth Sep 30 '15 at 13:30
  • If your organization has good naming conventions, then you can probably get the information you are looking for elsewhere in Active Directory with the user account. Take a look at http://stackoverflow.com/questions/10428495/get-distinguished-name-from-active-directory-of-currently-logged-in-user and https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory(v=vs.110).aspx. You can find a LOT of information about a user account in Active Directory. Finding it isn't always easy, though. Some of the syntax can be pretty archaic. – DVK Sep 30 '15 at 13:53
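The approach the answer and its comments describe, as an added example that is not code from the original question or answer: take the DOMAIN\user name IIS established for the caller, bind to the caller's own domain (not the one the web server is joined to) and read the user object's attributes. The name of the DC the client's workstation logged on against is never sent to the web server during Windows authentication, so the user object is the only place this information can come from. The attribute used here (physicalDeliveryOfficeName) and the class and method names are assumptions; substitute whichever attribute or OU convention your directory actually populates. Using PrincipalContext/UserPrincipal rather than hand-built LDAP filter strings also keeps the account name out of any LDAP query text.

```csharp
using System;
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;
using System.Security.Principal;

// Added example, not code from the original post.
// Assumptions: the site runs under Windows Authentication, the worker process
// identity is allowed to read user objects in the caller's domain, and the
// directory populates physicalDeliveryOfficeName (or encodes the site in the DN).
public static class UserSiteLookup
{
    // Parse the name IIS established for the caller. Windows Authentication
    // normally yields "DOMAIN\user"; the UPN form "user@domain" is handled too,
    // and anything else is rejected rather than guessed at.
    public static (string Domain, string Account) SplitIdentity(string identityName)
    {
        if (string.IsNullOrWhiteSpace(identityName))
            throw new InvalidOperationException("Caller is not authenticated.");

        int backslash = identityName.IndexOf('\\');
        if (backslash > 0 && backslash < identityName.Length - 1)
            return (identityName.Substring(0, backslash), identityName.Substring(backslash + 1));

        int at = identityName.IndexOf('@');
        if (at > 0 && at < identityName.Length - 1)
            return (identityName.Substring(at + 1), identityName);

        throw new FormatException("Unexpected identity format: " + identityName);
    }

    // Look the caller up in their own domain and return the attributes a site
    // naming convention would normally live in. Returns null when the account
    // cannot be found there (e.g. a local account on the web server itself).
    public static (string DistinguishedName, string Office)? Lookup(IIdentity identity)
    {
        if (identity == null || !identity.IsAuthenticated)
            throw new InvalidOperationException("Caller is not authenticated.");

        var (domain, account) = SplitIdentity(identity.Name);

        // Bind to the domain named in the identity, not to the domain the IIS
        // server happens to be joined to. FindByIdentity without an IdentityType
        // accepts both sAMAccountName and UPN input.
        using (var ctx = new PrincipalContext(ContextType.Domain, domain))
        using (var user = UserPrincipal.FindByIdentity(ctx, account))
        {
            if (user == null)
                return null;

            string dn = user.DistinguishedName;

            // UserPrincipal exposes no office property; read the raw attribute
            // from the underlying DirectoryEntry (owned and disposed by the principal).
            var entry = (DirectoryEntry)user.GetUnderlyingObject();
            object office = entry.Properties["physicalDeliveryOfficeName"].Value;

            return (dn, office == null ? null : office.ToString());
        }
    }
}

// Usage inside a request (ASP.NET, System.Web):
//   var result = UserSiteLookup.Lookup(HttpContext.Current.User.Identity);
//   if (result != null)
//   {
//       string dn = result.Value.DistinguishedName;   // OU path, e.g. site OU
//       string office = result.Value.Office;          // may be null if unset
//   }
```

The lookup runs under the worker process identity, so that account needs read access to user objects in every domain your users come from; if it does not, FindByIdentity throws rather than returning null, and that exception should be logged rather than shown to the browser.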