Directory Search

Turn your Active Directory in to a company phone book


You have made an investment to keep your Active Directory up-to-date. Allow your user community to leverage that investment. Directory Search is a standalone Web application that you can provide for your users that will allow them to use the Active Directory as a web-based phone book or company white pages. This simple application is licensed one time for an entire Active Directory forest and is customized in much the same way that Directory Update and Directory Manager are customized.

Your users can search for someone in your Active Directory using most any search criteria that you wish to provide. The information about the user is visible in the tabs below the search results window or the user can double-click on someone in the search results and see more details.

Both the search interface and the fields displayed are configurable by the administrator. Directory Search can also display the photos (if stored in the Active Directory) that are used by Outlook 2010/2013 and Microsoft Lync.


Directory Search is a Web-based application that is based on the search interface in our Directory Manager application. Search criteria for searching the Active Directory including display name, user name, manager, department, title, e-mail address, company, office, employee ID, phone number, and even the extension attributes. Not all search criteria are displayed by default, but are configurable by the administrator.

If enabled, the user can then export their search results to a spreadsheet or they can click on the Edit My Info button and be re-directed to the Directory Update application (purchased separately) so they can update their own Active Directory information. If you choose to enable this feature, Directory Search will allow you to export your search results to a spreadsheet. The administrator specifies which fields can be exported.

By default, anonymous logon access is enabled for Directory Search, but the installer can configure Directory Search to use forms-based authentication or Integrated Windows Authentication. The installer can also configure which fields are visible on the user information form and which columns/fields are shown in the search listing.

Features include:

  • Customizable search interface. You specify the attributes that you want to allow the user to search and view.

  • Option to export search results to a CSV or XLS file; this can be hidden

  • Edit My Info button provides a link so that the user can link to Directory Update (if installed)

  • Configurable OU filter and other filters so you can display only the users from your directory that you want your users to see.

  • Most of the interface is localizable so that you can customize to your local language or dialect.


Like our other software, we strongly urge all potential customers to download Directory Search, install it in your environment, and customize it for your use. You will see how easy it is to get Directory Search up and running.

You can download a fully functional from the Downloads section of our Web site; the evaluation will be fully functional for 21 days with no limitations. We will not ask you for your e-mail address, telephone number, or first born child; all you have to do is download the software. And, if you run in to problems and have a question, we will give you the same great support we give our customers.

If you choose to purchase Directory Search, you can keep your customized configuration. Just run the Configuration wizard and edit the Directory Search installation to add your license key.

Online Demo

Note quite ready to download the evaluation and install it yourself? Not a problem! You can still see Directory Search in action on our "live" demo page. This is a test Active Directory with a test set of data. The Directory Search installation is pretty much a default install with a few features enabled to give you a feel for how the software works.

Directory Search online demo


If you already have one of our other products running on an IIS server in your forest, then you have met most of the requirements for Directory Search already. The server on which Directory Search is installed must be a member of the same forest in which it will be used. Directory Search cannot be used against accounts in trusted domains that are located in another Active Directory forest.

Active Directory Requirements

Directory Search works against all versions of Active Directory including Windows 2000, Windows 2003, Windows 2008, Windows 2008 R2, Windows Server 2012 and Windows Server 2012 R2. All Active Directory queries use the LDAPv3 between the IIS server and a domain controller.

Exchange Server Requirements

Directory Search does not require any version of Microsoft Exchange Server. We can use some attributes that are provided by the Exchange Server “schema” prep but Exchange is not required. To use attributes such as the extension attributes (aka custom attributes) we suggest you “prep” you forest with a minimum of Exchange Server 2003, but this is not necessary.

Server Operating System

Starting in June 2014, all Ithicos installers only support x64 Windows. If you are still using Windows Server 2003 or Windows 2008 x86, please contact support for manual installation instructions.

  • Windows Server 2008 with SP1 (x64 only)
  • Windows Server 2008 R2
  • Windows Server 2012
  • Windows Server 2012 R2

Either the Standard Edition or Enterprise Edition is supported. The server can be either physical or using a virtualization technology such as VMWare or Microsoft HyperV. For Windows Server 2008 and 2012, you must install the full installation of the operating system. Server Core installations are not supported.

Internet Information Server

  • Internet Information Service (IIS) 6, 7, 7.5, 8, or 8.5
  • IIS 6 compatibility components must be installed if using Windows Server 2008
  • ASP.NET must be enabled
  • .NET Framework v4.0 must be installed/enabled
  •  Integrated Windows Authentication must be allowed

Quick Installation of Prerequisites

You can quickly install all of the roles and features necessary using the PowerShell's Server Manager module. This allows you to specify all the roles and features required.

Windows Server 2008 R2

1.  Open a PowerShell command prompt as an administrator 
2.  Type Import-Module ServerManager and press Enter
3.  Type Add-WindowsFeature Web-Server, Web-Basic-Auth, Web-Windows-Auth, Web-ASP-NET,
  Web-Net-Ext, AS-Web-Support and press Enter
4.  Reboot if prompted.
Windows Server 2012 / Windows Server 2012 R2

1.  Open a PowerShell command prompt as an adminisitrator 
2.  Type Import-Module ServerManager and press Enter
3.  Type Add-WindowsFeature Web-Server, Web-Basic-Auth, Web-Windows-Auth, NET-FRAMEWORK-45-Core,
  NET-FRAMEWORK-45-ASPNET, Web-HTTP-Logging, Web-NET-Ext45, Web-ASP-Net45 and press Enter
4.  Reboot if prompted.

Microsoft/Windows Updates

Once the perquisites are installed, we strongly recommend that you perform a Microsoft Update and install all recommended and critical updates.

Interoperability with Other Web Applications

Directory Search usually works fine with most web applications running on the same IIS server provided the server remains in a minimum of IIS 6 mode. Directory Search can co-exist on the same IIS server as other Ithicos Solutions products. We recommend against running Directory Search on the same server with Microsoft SharePoint.

Service / Proxy Account

During the Directory Search installation, you will be prompted for a service/proxy account. This is only used during the installation. This account can be a regular user unless you are also going to use with one of our other products:

  • Name the account something recognizable such as SVC_DirectorySearch
  • Proxy account password should have a strong password (15 characters)
  • Proxy account’s password must not expire

Application Pool

An application pool is a memory space in which a web application executes. Web applications are assigned to the DefaultAppPool by default and that is usually fine. We recommend creating an application pool for Ithicos applications.

  • Name the application pool something like IthicosAppPool
  • Application pool identity must run as the NetworkService user
  • 32-bit mode must be disabled

Installer’s Account

The person that installs Directory Search should use a user account that is both a domain account and a member of the server’s local Administrators group.

Secure Sockets Layer (SSL)

SSL is a security layer that protects HTTP data as it is transmitted across your network or the Internet. We strongly recommend that any web site that transmits personal data use SSL. Directory Search will work on a web site that uses SSL or not.

SSL uses a certificate that is “signed” by a certificate authority. We recommend that the certificate be issued by a certificate authority (CA) that is trusted by the browser clients that your users will be using. This prevents security warnings; users should never get used to ignoring security warnings.

Enabling SSL is a feature of Internet Information Server. The process will depend on the operating system.

Follow these links:

Browser Requirements

Directory Search uses ASP.NET and AJAX controls to create some enhanced functionality within the browser; some call this Web 2.0 technology. This means that it is not as simple as a standard web page and thus browsers must be carefully tested.

Our current releases support the following browser versions:

  • Internet Explorer 8.x - 11.x - IE compatibility mode must be off
  • Firefox 16.x and later
  • Google Chrome v11.x and later

We only update current versions of our software when a new browser is released. This does not mean that older versions of our software or other browsers (Safari or Chrome) will not work, but we may not support them if you have problems. We recommend customers stay on software maintenance so that they can upgrade to newer builds of the software as they become available.

Note also that Internet Explorer is required to use Integrated Windows Authentication.


Directory Search is simple to install as long as the prerequisites all installed. Download the latest version from our Web site and unzip the DirectorySearch.msi file. Place the MSI file on the server’s local hard drive, such as in the c:\temp folder.

You can usually just double-click on the MSI file to launch the installer, but on Windows Server 2008/2012, the User Account Control security settings may be set so tightly that you have to launch the installer from the command line (don’t forget to “Run As Administrator”) like so:

msiexec.exe /i c:\temp\DirectorySearch.msi
  1. On the installation wizard welcome screen, Click Next

  2. On the License Agreement screen, click “I Agree” and then click Next

  3. On the Select Installation Address, most installations use the defaults. From this screen, you can select a different web site and virtual directory name . When you have made your selection, click Next.

    Directory Search - Installation Address

  4. On the Destination Folder screen, select the location for the Directory Search files (usually c:\inetpub\wwwroot\DirectorySearch\) and click Next

  5. On the Directory Settings screen, enter the host name of the domain controller, then DNS domain name of your Active Directory domain, the service/proxy account (in domain\username format), and the proxy account password. A common configuration problem is entering the FQDN name of the domain controller in the Domain Controller text box; this text box is for the host (short) name of the domain controller. Click the “Test Directory Settings” button and then click Next.

  6. Directory Search - Specifying domain and service account information

  7. On the Licensing Information Screen, copy and paste the organization name and license key that you were provided after you purchased the software. If you select the Evaluation checkbox, the software is fully functional in Evaluation mode for 10 days and you can run the configuration wizard later to provide the licensing information. Click Next when finished.

  8. Directory Search - Licensing information

  9. On the Ready To Install Directory Search screen, click the Install button. The installation takes between 15 and 30 seconds. When complete, click the Finish button to exit the installer.

  10. Immediately test the installation by using a Web browser to visit http://localhost/DirectorySearch (the default URL if you are checking from the console of the server) or http://yourservername.yourcorp.local/DirectorySearch (if you are checking from elsewhere on your network.)

You can now proceed to customizing the application.

Installation Checklist

  1. Test the default installation (with no customizations)

  2. Edit the DirectorySettings.XML file to configure the fields that you want to use (visibility, required, dropdown versus text, validation formats, etc…)

  3. Edit the AppSettings.XML file to customize the help text

Customization of Directory Search

Directory Search is customized in much the same way that Directory Manager is customized. See the Directory Manager product page for Customization information.

Version History and Product Updates

Directory Search was originally based on the search interface that was originally developed for Directory Manager. Our intention was to give our customers a low cost, easy to use search interface for Active Directory.

Directory Search v3.0

At long last, we are formally releasing Directory Search v3.0.

  • Completely redesigned user interface; it is both fairly but also refreshed and updated.

  • Windows Server 2012 / Windows Server 2012 R2 support. Windows 2008 x64 / Windows 2008 R2 support. Contact support about x86 support.

  • UUU

  • Browsers xxx

Directory Search v2.0

  • Updated to new installer technology (Wix) that better automates the installation process. Dedicated application pool now created and assigned. Folder permissions for NetworkService now automatically assigned.

  • Windows Server 2012 / Windows Server 2012 R2 support. Windows 2008 x64 / Windows 2008 R2 support. Contact support about x86 support.

  • Code update so that .NET Framework v4.0 is used rather than v2.0 Framework. Updated AJAX controls.

  • Browsers supported: IE 8, 9, 10, 11. Firefox 19.x and later. Chrome 15.x and later. Note, IE must *not* be in IE 7 compatibility mode.

  • Added custom LDAP search filter option that can be used either for inclusion or exclusion filtering.

  • Minor bug fixes including fixing how photos are displayed when they are larger than 128x128.

  • Extended evaluation period to 21 days.

Directory Search v1.8

  • Fixed search result issue after an invalid search is issued

  • Addresses issue with telephone numbers having spaces stripped out.

  • Upgraded RAD controls for better compatibility with IE 10 patches and newer releases of Firefox and Chrome.

Directory Search v1.7

  • Updated screen display for telephone numbers to allow phone numbers to be better recognized by Microsoft Lync and Skype clients

  • Custom LDAP filter feature allows administrator to specify their own LDAP filter via AppSettings.XML file. This filter allows the initial search criteria to include or exclude specific users. Once the filter is in place, it cannot be overridden via the search interface.

  • Updates in screen and controls for compatibility with Internet Explorer 9/10 and Firefox 19.x.

  • Changed how default search results are returned so that they are more representative of users in Active Directory.

Directory Search v1.6

  • Updates in screen and controls for compatibility with Internet Explorer 8 and Firefox 6.x