Manage LDAP groups and their membership in Novell eDirectory using .NET.

Question

Manage LDAP groups and their membership in Novell eDirectory using .NET.

I am new to LDAP development, so please forgive my ignorance about this. I am in a project where I need to manage groups and group memberships in Novell eDirectory using .NET. I found several examples of creating groups in Active Directory, but all of these examples use SamAccountName, which refers to the active directory. Can anyone share more general code that will work against any LDAP repository?

In particular, I want to implement the following functions:

Group creation
Group deletion
Add user to group
Remove user from group

Thanks!

+4

.net ldap

Doug Perkes - MSFT Oct 7 '09 at 20:37

source share

4 answers

Doug Perkes - MSFT · Answer 1 · 2009-10-08T18:19:38+0000

I hate answering my question, but I finally found some examples that I can use. It seems that Novell eDirectory C # LDAP api was written, which includes samples for creating objects and managing group membership.

Group Membership: http://forgeftp.novell.com/ldapcsharp/Samples/Samples/AddUserToGroup.cs
Creating a new object: http://forgeftp.novell.com/ldapcsharp/Samples/Samples/AddEntry.cs
Removing an object: http://forgeftp.novell.com/ldapcsharp/Samples/Samples/DelEntry.cs

I would prefer to use the .NET API System.DirectoryServices, so I will let them try using the above examples as examples of the attributes I need to set.

marc_s · Answer 2 · 2009-10-07T20:48:22+0000

Check out these two other SO questions on eDirectory and C # - they should give you a deeper understanding and links to level out deeper:

There seems to be some problems using the standard System.DirectoryServices classes with Novell directories, and I'm not 100% sure that the latter applies to the Novell C # LDAP classes mentioned in these questions.

Mark

UPDATE :
Here is a list of Examples of fast code code # when using System.DirectoryServices on MSDN or here How to make a CodeProject article somehow in the history of Active Directory . Both contain many examples of frequently requested functions and how to encode them. Hope this helps.

jwilleke · Answer 3 · 2009-10-09T09:14:57+0000

So it all depends on how you use eDirectory. Is it used for file and print directory where users can have different rights assigned in eDirectory to other parts of eDirectory or eDirectory that are used only for another LDAP server?

If you do not assign eDirectry rights to users through groups, you really only need to set the member attribute in the group.

If you assign rights to eDirectory through groups, you need to set all four attributes, as described here:

http://ldapwiki.willeke.com/wiki/Groups%20Edirectory

-Jeet

geoffc · Answer 4 · 2009-10-08T11:03:44+0000

Group management in eDirectory is different from Active Directory group.

The group has two attributes of interest (member and equivalent for me), and the User has two attributes of interest (group membership and equal security levels).

Adding a user to a group updates all four of these attributes when executed correctly.

Security / equivalent attributes are the mechanism by which rights and proxies are processed, so you can skip them if they are not used inside eDirectory, but better if you do not.

Manage LDAP groups and their membership in Novell eDirectory using .NET.

More articles: