Posts tagged Active Directory

One of the design goals when creating web parts is to make the web part reusable across a number of site collections and web applications where each site administrator may have slightly differing requirements.

To a degree this is achieved by defining web part properties that appear in the web part editor that enable the user to use standard web controls such as textboxes, radio button lists and drop down lists to set the web parts configuration options.

There may be times however where more complex data storage requirements are required for configuration and this is where XML can help by configuring a web part property to store XML which can be parsed and manipulated by the web parts code. More >

I have come across the Nomine AD User Editor on Codeplex and found it to be an excellent free web part that enables a user to be able to update their own Active Directory profile. The web part lets the site owner edit the AD fields that appear on the form by using a simple XML configuration file.  The web part supports the following form elements:

• Textbox
• Drop down list
• Listbox
• People Picker
• Date Picker (with Calendar)

There are a couple of gotchas to lookout for when using it.

1. By default it lets the user search Active Directory and edit any user profile so when configuring the web part for a user to update their own active directory profile make sure to:
   • Tick ‘Edit Current User Only’.
   • Untick ‘Allow Editing In Personal Mode’ or else the user will be able to edit their personal view of the web part

   • 

     Nomine AD User Editor Configuration

2. Create a new web application specifically for deploying this web part to. This is because the web part is activated as a feature at Site Collection level and if you deploy to another application such as an intranet then any site collection administrators on any site collection in the application will be able to add the web part to their pages and if they do they will doubtless forget / be unaware of the two previous configuration steps outlined above and you will then have any user being able to update any other users details.

All in all this is a great web part that dynamically creates the edit user form using information from the xml configuration.

A wish list for the web part would be to

• Support encrypted passwords in the .config file so that the details of the AD account were not exposed in free text.
• Give a ‘Details updated successfully’ type prompt after the user submits the form.
• Make the ‘Edit Current User Only’ property read only if editing the web part in personal mode.