Active Directory and Network ID

I know that I can get the fully qualified domain name by using the windows NT network domain. I'd like to do the reverse: Ex: User.Identity.Name = "slaterock\fflintstone"; Active Directory returns fully qualified domain name of I would like to be able to get the domain portion of User.Identity.Name by querying Active Directory (LDAP) by that user. I would be using the user's email address: (&(objectClass=user)(objectCategory=Person)([email protected]))

I have no trouble returning the AD attributes, but I cannot figure out an absolute link between the attributes I have and the domain name returned in User.Identity.Name. I see parts of it in the domain components (DC=slaterock,DC=bedrock,DC=US,DC=blah,blah) but I need the direct link.



First, a bit of terminology to be clear (and to help any searches you do):

  • the 'slaterock' in 'slaterock\fflintstone' is the NetBIOS Domain Name for the domain.
  • 'DC=slaterock,DC=bedrock,DC=US,DC=blah,blah' is the defaultNamingContext for the domain.
  • CN=fred flinstone,OU=Quarry1,DC=slaterock,DC=bedrock,... is the user account's distinguishedName.

To translate from the user's distinguishedName to the NetBIOS Domain Name of their domain:

  • get the user account's distinguishedName and chop it up to get the defaultNamingContext.
  • Then do a search against the container: "CN=Partitions,CN=Configuration,DC=JohnLewis,DC=co,DC=uk" for an object with an nCName value that matches the defaultNamingContext from above.
  • Get the nETBIOSName attribute of that object and you've got what you're after. Time:2009-10-06 Views:0

Related post

Copyright (C), All Rights Reserved.

processed in 0.451 (s). 13 q(s)