Currently my Mac has been successfully configured to be in an Active Directory domain. (System Preferences -> Users & Groups -> Login Options -> Network Account Server)
If your Mac is bound to the Active Directory server then you shouldn’t need LDAP to search for users and their attributes. Rather, you can get this information using the Open Directory framework. Pasted in below is some code I had lying around that searches for a user and prints their attributes.
IMPORTANT: You have to pass in an ODNode here; in this case you should create one by calling `+nodeWithSession:type:error:`, with the node type being `kODNodeTypeAuthentication`.
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"
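// Renders a single directory attribute value as text for the diagnostic dump.
//
// - NSString values are wrapped in single quotes; embedded single quotes and
//   backslashes are backslash-escaped, and C0/C1 control characters (plus DEL)
//   are written as \uXXXX.  The values come from the directory server and end
//   up on a terminal or in a log, so raw control bytes (for example an ESC
//   sequence or a newline) must not be passed through unchanged.
// - NSData values are written as lowercase hex between angle brackets, rather
//   than relying on -description, whose format is meant for debugging and is
//   not a stable contract.
// - Anything else falls back to -description.
static NSString * RecordAttributeValueString(id<NSObject> value) {
    NSString * result;

    if ([value isKindOfClass:[NSString class]]) {
        NSString * text = (NSString *) value;
        NSUInteger length = text.length;
        NSMutableString * quoted = [NSMutableString stringWithCapacity:length + 2];

        [quoted appendString:@"'"];
        for (NSUInteger i = 0; i < length; i++) {
            unichar ch = [text characterAtIndex:i];
            if (ch == '\'' || ch == '\\') {
                // Keep the quoting unambiguous for whoever reads the dump.
                [quoted appendFormat:@"\\%c", (char) ch];
            } else if (ch < 0x20 || (ch >= 0x7f && ch <= 0x9f)) {
                // Neutralise control characters instead of emitting them raw.
                [quoted appendFormat:@"\\u%04x", (unsigned int) ch];
            } else {
                // Copy the UTF-16 unit as is, so surrogate pairs stay intact.
                [quoted appendString:[NSString stringWithCharacters:&ch length:1]];
            }
        }
        [quoted appendString:@"'"];
        result = quoted;
    } else if ([value isKindOfClass:[NSData class]]) {
        NSData * data = (NSData *) value;
        const unsigned char * bytes = data.bytes;
        NSUInteger length = data.length;
        NSMutableString * hex = [NSMutableString stringWithCapacity:(length * 2) + 2];

        [hex appendString:@"<"];
        for (NSUInteger i = 0; i < length; i++) {
            [hex appendFormat:@"%02x", (unsigned int) bytes[i]];
        }
        [hex appendString:@">"];
        result = hex;
    } else {
        result = value.description;
    }
    return result;
}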
// Writes one attribute of `record` to stderr.
//
// Output shapes, in the order they are tested:
//   lookup failed   -> "<attribute>: <error domain> / <error code>"
//   no values       -> "<attribute>: []"
//   exactly one     -> "<attribute>: <value>"
//   several         -> "<attribute>: [<value>,<value>,...]"
//
// Each value is rendered by RecordAttributeValueString before printing.
static void PrintRecordAttribute(ODRecord * record, ODAttributeType attribute) {
    NSError * lookupError;
    NSArray * found = [record valuesForAttribute:attribute error:&lookupError];

    // A nil array, not the error pointer, is what signals failure.
    if (found == nil) {
        fprintf(stderr, " %s: %s / %d\n", attribute.UTF8String, lookupError.domain.UTF8String, (int) lookupError.code);
        return;
    }

    NSUInteger total = found.count;
    if (total == 0) {
        fprintf(stderr, " %s: []\n", attribute.UTF8String);
        return;
    }
    if (total == 1) {
        fprintf(stderr, " %s: %s\n", attribute.UTF8String, RecordAttributeValueString(found[0]).UTF8String);
        return;
    }

    // Multi-valued attribute: render every value, then join with commas.
    NSMutableArray * rendered = [[NSMutableArray alloc] init];
    for (NSUInteger i = 0; i < total; i++) {
        id<NSObject> item = found[i];
        [rendered addObject:RecordAttributeValueString(item)];
    }
    NSString * joined = [rendered componentsJoinedByString:@","];
    fprintf(stderr, " %s: [%s]\n", attribute.UTF8String, joined.UTF8String);
}
// Dumps every record in `records` to stderr: a "<index>:" header line followed
// by the four attributes this sample cares about (node location, full name,
// record name and unique ID), in that order.
//
// Each element is asserted to be an ODRecord before it is used.
static void PrintRecords(NSArray * records) {
    NSArray * wantedAttributes = @[
        kODAttributeTypeMetaNodeLocation,
        kODAttributeTypeFullName,
        kODAttributeTypeRecordName,
        kODAttributeTypeUniqueID
    ];
    NSUInteger position = 0;

    for (ODRecord * entry in records) {
        assert([entry isKindOfClass:[ODRecord class]]);
        fprintf(stderr, "%zu:\n", (size_t) position);
        for (ODAttributeType attributeName in wantedAttributes) {
            PrintRecordAttribute(entry, attributeName);
        }
        position += 1;
    }
}
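// Looks up user records matching `userName` in `node` and prints them to
// stderr via PrintRecords.
//
// node     - the Open Directory node to search.
// userName - the name to match.
//
// Failures are reported on stderr as "<userName>: ...: <error domain> / <error code>".
//
// The match is on kODAttributeTypeMetaAmbiguousName rather than the record
// name alone, so a single name can yield more than one record.  NOTE(review):
// a caller that uses the result for an access decision should not assume
// exactly one hit; confirm which record is meant.
static void PrintUserListInNode(ODNode * node, NSString * userName) {
    NSError * error = nil;
    ODQuery * query;
    NSArray * desiredAttributes;
    NSArray * records;

    // Ask only for the attributes that PrintRecords goes on to print.
    desiredAttributes = @[
        kODAttributeTypeMetaNodeLocation,
        kODAttributeTypeFullName,
        kODAttributeTypeRecordName,
        kODAttributeTypeUniqueID
    ];

    // maximumResults is 0 here; presumably that means "no cap" (confirm
    // against the OpenDirectory headers before pointing this at a large directory).
    query = [ODQuery queryWithNode:node
                    forRecordTypes:kODRecordTypeUsers
                         attribute:kODAttributeTypeMetaAmbiguousName
                         matchType:kODMatchEqualTo
                       queryValues:userName
                  returnAttributes:desiredAttributes
                    maximumResults:0
                             error:&error];
    if (query == nil) {
        // Report the creation error rather than discarding it: an assert would
        // abort the process, and with NDEBUG the nil query would fall through
        // to a failure message that has no error to show.
        fprintf(stderr, "%s: query creation failed: %s / %d\n", userName.UTF8String, error.domain.UTF8String, (int) error.code);
        return;
    }

    // Partial results are not accepted, so this call returns either the
    // complete result set or nil with `error` filled in.
    error = nil;
    records = [query resultsAllowingPartial:NO error:&error];
    if (records == nil) {
        fprintf(stderr, "%s: query failed: %s / %d\n", userName.UTF8String, error.domain.UTF8String, (int) error.code);
    } else {
        PrintRecords(records);
    }
}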