Whenever I've accessed AD from .net I've done the following:
var directoryEntry = new DirectoryEntry("LDAP://capp.net"); directoryEntry.Username = "capp\dhr2"; directoryEntry.Password = "admin@12345";
Then you can query "AD" using the DirectorySearcher.
var directorySearcher = new DirectorySearcher(directoryEntry);
Thanks to everyone for your help and support. The correct address in my case was:
What i didnt realize in the beginning was that i was trying to connect to Active Directory in a different domain than my current domain. So the Ip address was the missing part. thanks a million to Luis who realized that there was something wrong was with the domain.
And thanks Shadow Walker for explaining the ldap connection string in more details.
We have found this to work best to be sure you have the right parameters:
Often the hard part of connecting to AD using LDAP is Determining the FDN of the user to login with. If you know the samAccountName of the user you can find it using:
dsquery user -samid jim "CN=Jim Willeke,CN=Users,DC=mad,DC=willeke,DC=com"
For Active Directory, the ldap connection string can take this form:
where protocol can be either ldap:// or ldaps://, depending on whether to use standard or SSL connection. You should always troubleshoot using standard connection before moving to SSL/TLS to avoid certificate issues at this point.
domaindnsaddress is DNS-resolvable address of your domain - in your case capp.net .
Some programming languages, like php, do not require the ldap:// prefix to perform a connect operation. You may try connecting without it as well.
The username to log in can have several forms. The most common are:
- NetBIOS domain name\samaccountname ( CAPP\dhr2 - note the BACKslash )
- userprincipanname ( email@example.com )
- samaccountname@domaindnsname ( firstname.lastname@example.org )
You can read Microsoft's extensive information about the possible forms of your logon name here: MSDN - Simple Authentication Password does not need any special treatment - just perform the standard bind operation against your ldap server and you should be authenticated. Please note that I am intentionally not including any sample code as your question was about the connection string, not about connecting to ldap using C# libraries.