We allow our users to enter Active Directory account information using either an NT account name (domain\account) or a UPN (account@email.xxx). I would like to write some code to validate the account in Active Directory before allowing the user to move on. Note, we are not validating a password, just the account name.
I can use UserPrincipal.FindByIdentity, however, this expects only a user name.
Can I validate the account name in either format using .NET? Or am I relegated to parsing out the domain from the account name to validate both parts of the user input? The latter would be a bit messy, wouldn't it?
Attempt to create a WindowsIdentity from the UPN:
It will succeed for a UPN valid in AD, throw an exception for invalid ones. The process validating the UPN must be connected to the AD and have proper access rights (i.e. no anonymization due to delegation constraint on an impersonated context).
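A helper covering both input formats from the question, added here as example code (not from the question or the answer): the UPN form goes through the WindowsIdentity constructor as the answer describes, and the DOMAIN\account form, which the answer does not cover, is resolved to a SID with NTAccount.Translate. It assumes a domain-joined Windows host running .NET with System.Security.Principal available, and that the process token has rights to query the domain.

```csharp
using System;
using System.Security;
using System.Security.Principal;

// Added example, not part of the original Q&A. Assumes a domain-joined Windows
// machine with line-of-sight to a domain controller, and a process identity that
// is allowed to resolve account names (no constrained-delegation anonymization).
public static class AdAccountValidator
{
    // Returns true if the account resolves in AD, false if it does not exist or
    // cannot be resolved. Accepts "DOMAIN\account" or "account@domain.example".
    public static bool AccountExists(string input)
    {
        if (string.IsNullOrWhiteSpace(input))
            return false;

        try
        {
            if (input.Contains("@"))
            {
                // UPN form: the constructor asks the domain to resolve the UPN and
                // throws if it is not a valid user principal (as in the answer above).
                var identity = new WindowsIdentity(input);
                return identity.User != null;
            }

            // NT form: translate the name to a SID via LSA. An unknown account raises
            // IdentityNotMappedException rather than returning null.
            var sid = (SecurityIdentifier)new NTAccount(input)
                .Translate(typeof(SecurityIdentifier));
            return sid != null;
        }
        catch (SecurityException)
        {
            // WindowsIdentity: UPN does not exist, or the caller lacks rights to resolve it.
            return false;
        }
        catch (IdentityNotMappedException)
        {
            // NTAccount: no such account in any reachable domain.
            return false;
        }
        catch (SystemException)
        {
            // e.g. host not domain-joined or DC unreachable: treat as "not validated",
            // never as "valid".
            return false;
        }
    }
}
```

NTAccount.Translate also resolves local machine accounts and well-known names, so if only domain accounts are acceptable, compare the returned SID's AccountDomainSid against the expected domain SID before accepting the input.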