I've noticed an interesting behavior when trying to connect to edirectory using DirectoryServices.
This is the code that I used to pull information from our dev edirectory, but I've noticed that it's retrieving information from our production Active Directory (from what I've read, DirectorySearcher can be used on edir as well):
string devIP = "xxx.xxx.xxx.xxx:636";
DirectorySearcher directorySearcher = new DirectorySearcher(devIP);
directorySearcher.Filter = "(&(objectClass=user)(uid=" + "jsmith" + "))";
SearchResultCollection searchResults = directorySearcher.FindAll();
(I know it's hitting production because jsmith doesn't exist in dev. Another thing I noticed was that the attributes that were returned are AD attributes like memberOf etc.)
What finally got it to work was using System.DirectoryServices.Protocols:
LdapConnection con = new LdapConnection(new LdapDirectoryIdentifier("d1.domain.com:636"));
con.Credential = new NetworkCredential("cn=USERNAME,ou=XXX,o=XXX", "password");
con.SessionOptions.SecureSocketLayer = true;
con.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback(ServerCallback);
con.AuthType = AuthType.Basic;
using (con)
{
con.Bind();
}
I've done some research, but I couldn't figure out why it would have been routing the DirectorySearcher to prod even though I explicitly specified the IP address and the username?
The dev server is on a different domain from my local machine (and I'm running the code on my local machine). Could it be possible that since my machine is on the same domain as prod, it's defaulting to the prod Active Directory and just ignoring the devIP that I'm passing it?
The same root cause with the following:
Check if the DirectoryEntry is valid in DirectorySearcher
The constructor you used DirectorySearcher(string) is actually expecting the filter, but not the search root path.