SharePoint - Query Active Directory through Custom Application Page



This post describes how the Active Directory (AD) and SharePoint integration can be leveraged to retrieve AD data and use in a SharePoint site. There are many classes written for accessing AD data, but this article demonstrates how to bring those data in a SharePoint site.

It is a common business requirement where a SharePoint server administrator needs to check whether a site user exists in the AD. The main reason being, what I have seen, when our client had an audit process for their SharePoint sites. In some cases the user, who is a site owner, has either left the organization or due to some other reason, does not exist in the AD, but still is the owner of the site.

So we can remotely access the server and search the AD. Otherwise, we can create a SharePoint application page that, with proper rights of course, can access the server AD and query it for a particular user. The page will also show the details of the searched user.

In a nutshell, we will create a custom application page, where we can look up for a user in an AD group, and if he/she exists we can get information about the user (like email, whether the account is active or not etc.). Then we will open the page in a SharePoint site and do some query.

Once our created application page along with the proper assembly is deployed to the server, we can access the page through the link SPsiteURL/_layouts/ ADQueryApplication/ADQueryApplicationPage.aspx

N.B. – This page is only accessible by site administrator. You have to access the site using administrator rights.

The page will look like this. 




1.    The drop down list will be populated with all the groups available in AD. It will show the distinguished name (LDAP property distinguishedName) of the group. The distinguished name consists of the common name (LDAP property CN) followed by parent group name, organizational unit name and domain name.


2.    Provide the username / userID to search here.
3.    User accessing the page should have admin rights.


4.    After we start searching, first the user is searched, if he/she exists or not.
5.    If the user exists, other details are displayed below.
a.    Email comes with mailto link.
b.    Account status is displayed either enabled / disabled.

We can search for user without even knowing correct name of the user, means we can perform partial search.

 
And here is screenshot for searching user with user logon / user ID


Comments

  1. Great, exactly what I need, do you have the code? Thanks

    ReplyDelete
  2. Sharepoint allows tasks to be saved on a web server that can be utilized by employees from any location, enabling for real-time cooperation. Tight safety actions are set so that only certain individuals can accessibility these information. Customers can also create their own individual storage information which cannot be utilized by anyone but them. The smooth Sharepoint interface guarantees that information are not combined or lost and that the right individuals have accessibility the information they need.

    Custom Application Development

    ReplyDelete

Post a Comment

Popular posts from this blog

The all new Movie Central

CRUD operations on SharePoint list using AngularJS

How to install nVidia Optimus driver