-1

When getting values Active Directory in C#, my normal process is to use the principal context to get most of these values. There are still some things I need LDAP to get because they aren't available from a user principal object. For these attributes, I use the underlying object to get access to a directory entry. I made a method to check for the existence of an property by checking if it is null. If it isn't null, I return the value as a string. I use code similar to what is listed below to accomplish this:

      if (directoryEntrygroup.Properties[directoryEntryPropertyName].Value != null)
            {
                returnValue = directoryEntrygroup.Properties[directoryEntryPropertyName].Value.ToString();
            }

That works pretty well for attributes that do not contain a list of values, such as a "cn" or "department." But for attributes such as "ManagedObjects" that do have some type of collection but returned as a object, what is the best way to get those values? For what its worth, this code is within a script task in SSIS for SQL Server 2012 using Framework 4.0.

Cœur
  • 37,241
  • 25
  • 195
  • 267
Jason R.
  • 379
  • 1
  • 6
  • 19

1 Answers1

0

I didn't realize when accessing a LDAP property, it was a collection, not a singular value. If you just so happen to return a singular value, the code in my question works. But if you have more than one result returned, you will receive a System.Object[] instead. In my case, I have users (admins or managers) that have more than one object they manage which is why I received System.Object[]

With that said, the object is return as a enumerable collection, even if only a single value is returned.

The way I solved the problem is by changing my code a little:

      foreach (object thisvalue in directoryEntrygroup.Properties[directoryEntryPropertyName])
                    {
                       debug.writeline = thisvalue.ToString();                                                    
                    }

As far as I know, this solution will work for any LDAP property that returns more than one value, such as the "MemberOf" property for group objects

Here is a article that talks about Property Value Collections: https://msdn.microsoft.com/en-us/library/ms180859(v=vs.80).aspx

Hope this helps.

Jason R.
  • 379
  • 1
  • 6
  • 19