|
This is what I did
try
{
string path = "LDAP://xxxx/CN=Users,DC=firm,DC=xxxx,DC=com";
string filter = "(&(objectCategory=person)(objectClass=user)(!user AccountControl:
1.2.840.113556.1.4.803:=2))";
string[] propertiesToLoad = new string[1] { "name" };
using
(DirectoryEntry root = new DirectoryEntry(path, "xx\\xxxx", "xxxx"))
using (DirectorySearcher searcher =
new DirectorySearcher(root, filter, propertiesToLoad))
using (SearchResultCollection results = searcher.FindAll())
{
foreach
(SearchResult result in results)
{
string name = (string)result.Properties["name"][0];
ADUsersList.Items.Add(name);
}
}
}
catch
{
}
The search filter syntax looks a bit complicated, but basically it filters the search results to only include users - "objectCategory=person" and "objectClass=user" - and excludes disabled user accounts by performing a bitwise AND of the userAccountControl flags and the "account disabled" flag, and negating the results.
|