C# - How To Access Active Directory To Get The List Of Groups That A Certain User Belongs To

Aug 24, 2010

In C#, how do i access Active Directory to get the list of groups that a certain user belongs to?

The user details are in the form:

"MYDOMAINmyuser"

I've been following the instructions from here but they only work if i have the user details in the form:

"LDAP://sample.com/CN=MySurname MyFirstname,OU=General,OU=Accounts,DC=sample,DC=com"

So maybe what i'm asking is, how to get from the first, shorter, form to the fully qualified form below?

View 2 Replies


Similar Messages:

Active Directory/LDAP :: Getting The Group Name User Belongs To Error

Oct 28, 2010

I have the following AD Strucure

Domain Controller with the Name like abc.com ........> Groups Folder .....>>>UserGroups >>> Subgroup >>>> List of Users


I did the following but not succeed

[Code]....

Iam getting the Count == 0 at the below line

int groupCount = result.Properties["memberOf"].Count;

View 2 Replies

How To Get The Groups Of A User In Active Directory

Mar 15, 2011

I use this code to get the groups of the current user. But I want to manually give the user and then get his groups. How can I do this?

[code]....

View 2 Replies

Active Directory/LDAP :: Get AD Groups For User By Username In 4.0

Aug 5, 2010

I've been searching for a solution to get a list of the AD Groups for at specific AD user. I'll need the current user logged in and would like to query by the username. The problem is that all the solutions I find on the web uses System.DirectoryServices - and I can't find the dll in my .Net 4.0 webproject (I only have System.DirectoryServices.AccountManagement) - so I can't use any of the examples that I've found. Is there a difference way to query the AD through 4.0 compared to 2.0? I could really use some examples, articles or just good advise to get moving - I'm kind of stuck at the moment.

View 4 Replies

Active Directory/LDAP :: Getting User Groups / Can't Use UserPrincipal.GetGroups In System

Mar 8, 2010

I am having trouble using UserPrincipal.GetGroups in System.DirectoryServices.AccountManagement.

When I use the following code:

PrincipalSearchResult<Principal> groups = userPrincipal.GetGroups();

foreach (GroupPrincipal g in groups){
Console.WriteLine(g.DisplayName);
}

I get the error "The value for the property AttributeScopeQuery cannot be set" in the foreach loop. I also get the same error when using groups.Count()I have read things that indicate this may be due to having some Windows 2000 domain controllers in the domain and so meaning it does not support ASQ.

What is the best way of doing this? The best I have come up with, since most of the rest of my code is running fine using System.DirectoryServices.AccountManagement is using the GetUnderlyingObject method of the UserPrincipal to get a DirectoryEntry and enumerating the values of the memberOf attribute. Using LINQ the code is quite compact:

var groups = from string groupPath in
((DirectoryEntry)userPrincipal.GetUnderlyingObject()).Properties["memberOf"]
select new DirectoryEntry("LDAP://" + groupPath).Name.Replace("CN=", "");
foreach(groupName in groups){
Console.WriteLine(groupName);
}

View 1 Replies

C# - Find Out User Belongs To Which Groups

Sep 8, 2010

I have a windows user accounts which i just created take XYZ for example.

This XYZ belongs to a User group and a custom group i created in Computer Management --> Local users and groups.

So in properties i see that the user belongs to the 2 groups.

Now i want to get those groups and display them. any suggestions???

i have done this but this is not right as it gives me the roles of SQL (i think)

here is what i did:

after logging in and impersonating i call the function

getUserGroups();

private void getUserGroups()
{
// collect the user domain and identity
string[] arr =
System.Web.HttpContext.Current.Request.
LogonUserIdentity.Name.Split('\');
// update the display to show
// the captured domain and user
if (arr.Length > 0)
{
new GUIUtility().LogMessageToFile("User Name" + arr[0].ToString());
new GUIUtility().LogMessageToFile("User Domain" + arr[1].ToString());
}
// create an arraylist and populate
// it with the list of groups that
// the current user belongs to
ArrayList al = new ArrayList();
al = GetGroups();
// check to see if the user belongs
// to a specific group and create
// a list of all of the user's groups
foreach (string s in al)
{
// add this one to the list
new GUIUtility().LogMessageToFile("Group" + s);
// check to see if the user
// belongs to a specific group
//if (s == "BXSWLT\SomeCustomGroup")
//{
// // change the label to show
// // there was a match
// lblMemberOfGroup.Text = "YES";
//}
}
}
public ArrayList GetGroups()
{
ArrayList groups = new ArrayList();
foreach (System.Security.Principal.IdentityReference group in
System.Web.HttpContext.Current.Request.LogonUserIdentity.Groups)
{
groups.Add(group.Translate(typeof
(System.Security.Principal.NTAccount)).ToString());
}
return groups;
}

the Result i get is:

9/8/2010 5:57:22 PM: User Name NT AUTHORITY.
9/8/2010 5:57:22 PM: User Domain IUSR.
9/8/2010 5:57:22 PM: Group Everyone.
9/8/2010 5:57:22 PM: Group BUILTINUsers.
9/8/2010 5:57:22 PM: Group NT AUTHORITYAuthenticated Users.
9/8/2010 5:57:22 PM: Group NT AUTHORITYThis Organization.
9/8/2010 5:57:22 PM: Group LOCAL.

View 1 Replies

How To Check Whether A User Belongs To An AD Group And Nested Groups

Apr 21, 2010

I have an ASP.NET 3.5 application using Windows Authentication and implementing our own RoleProvider.

Problem is we want to restrict access to a set of pages to a few thousand users and rathern than inputing all of those one by one we found out they belong to an AD group.

The answer is simple if the common group we are checking membership against the particular user is a direct member of it but the problem I'm having is that if the group is a member of another group and then subsequently member of another group then my code always returns false.

For example: Say we want to check whether User is a member of group E, but User is not a direct member of *E", she is a member of "A" which a member of "B" which indeed is a member of E, therefore User is a member of *E"

One of the solutions we have is very slow, although it gives the correct answer

using (var context = new PrincipalContext(ContextType.Domain))
{
using (var group = GroupPrincipal.FindByIdentity(context, IdentityType.Name, "DL-COOL-USERS"))
{
var users = group.GetMembers(true); // recursively enumerate
return users.Any(a => a.Name == "userName");
}
}

The original solution and what I was trying to get to work, using .NET 3.5 System.DirectoryServices.AccountManagement and it does work when users are direct members of the group in question is as follows:

public bool IsUserInGroup(string userName, string groupName)
{
var cxt = new PrincipalContext(ContextType.Domain, "DOMAIN");
var user = UserPrincipal.FindByIdentity(cxt, IdentityType.SamAccountName, userName);
if (user == null)
{
return false;
}
var group = GroupPrincipal.FindByIdentity(cxt, groupName);
if (group == null)
{
return false;
}
return user.IsMemberOf(group);
}

The bottom line is, we need to check for membership even though the groups are nested in many levels down.

View 3 Replies

Active Directory/LDAP :: Get User Groups From Open Ldap Using Vb.net

Apr 1, 2011

I'm trying to get the groups a user is member of from an Open Ldap using vb.net 3.5.

Although so far I have managed to connect to the ldap server and get the user's info like sn, givenname, description, mail, adspath,

I have absolutely no information about the user's groups.

My code is like this:

Dim oEntry as New DirectoryEntry
Dim oSearcher as New DirectorySearcher
oEntry = New DirectoryEntry("LDAP://myServer/ou=test, dc=example, dc=com", username, pwd, AuthenticationTypes.ServerBind)
oSearcher = New DirectorySearcher(oEntry, "(uid=" & uName & ")")
oResult = oSearcher.FindOne()
if not oResult is Nothing then
Dim ADUser as DirectoryEntry
ADUSer = oResult.GetDirectoryEntry()
end if

Well, ADUser has no info on user membership whatsoever.

Am I doing something wrong? Should I use System.DirectoryServices.Protocols as I saw someone mentioning instead

of System.DirectoryServices or is .Protocols just for Framework 2.0?

View 1 Replies

Active Directory/LDAP :: C# & Active Directory / List The Users Of An Organizational Unit Result?

Mar 13, 2010

have a probleme with my search filter, i want to list the users of an organizational unit result.filter =(& (objectClass= user)(ou=dep1)); ====> it didn't work for me

View 1 Replies

Active Directory/LDAP :: How To Get A Primary Token To Solve A Double - Hop And Be Able To Access Active Directory

Mar 4, 2010

How to get a primary token to solve a double - hop and be able to access Active Directory [URL]

I don't understand a method A where is ASPX page to set the security mechanism to Anonymous only.

View 1 Replies

Active Directory/LDAP :: How To Return A Group Of Users In A List Using Active Directory

Jun 15, 2010

I need to list a group of users, their group name is (IRS Group) to a list group. how to do this. I'm very new to asp.net and dont have much knowlegde about acctive directory.

View 1 Replies

Security :: How To Make Authentication Using Active Directory Groups

Mar 8, 2010

I've built a asp.net 3.5 web application and want to be able to restrict access to particular pages. I have pages which should be able to be accessed by a user and then an adminshould be able to access all pages. I have created 2 Active Directory groups, one for normal users and one for admins so any users in the user group can see some pages then admins should have no restrictio

View 1 Replies

Active Directory/LDAP :: How To List The Members Of A Active Directory Group

Mar 25, 2010

how to get the member of property of a active directory group?

I am using .NET 2 framework and c# laungauge.

View 2 Replies

Active Directory/LDAP :: Change A User Password As An Administrator In Active Directory Using C# Code?

May 25, 2010

Is there anyway to change a user password as an administrator in active directory using c# code.

View 1 Replies

Migration Of Email Groups From Lotus Notes To Outlook Active Directory?

Nov 1, 2010

We are in the process of migrating from Lotus notes to Outlook by writing a .Net application. We have many email groups and contacts in Outlook that we want to move to the Active Directory in Outlook.

View 1 Replies

Security :: Grant Access To User Outside Of Active Directory?

Jun 9, 2010

I have a web app that uses AD to authenticate the user which works great. But i received a request where a user that is outside of the Ad needs access to the application.

Is there a way to add this user manually (Maybe in web.config) to allow them to access the application?

View 1 Replies

Active Directory/LDAP :: How To Add A Field That Add Active Directory User In Web Application

Sep 30, 2010

I like to add a field that add active directory user in ASP.NET Web Application .

View 1 Replies

Active Directory/LDAP :: Active Directory User Account Is Locked

Jul 27, 2010

the directoryentry object with wrong password locks the user account and not able to log in again.

View 2 Replies

Active Directory/LDAP :: Active Directory Query For Specific User?

May 19, 2010

I have read countless forums and found nothing so for so apparently what I need is an unusual request.I need a code snippet that will iterate through an AD domain account and display all properties for a given user.Has anyone ever built such a script?

If there is a code snippet that displays just the available properties of a user object, this would be sufficient. I am trying to build an application to add users to our LDAP and need to populate all our specific values however I don't have the specific property names to populate.

View 5 Replies

Active Directory/LDAP :: Moving User In Active Directory?

Oct 15, 2010

an error I am receive when trying to move a user in Active Directory, The error is -2147016672 - An Operations error occurred

[Code]....

View 1 Replies

Active Directory/LDAP :: How To Authenticate User Against Particular OU In Active Directory

Sep 28, 2010

How to authenticate an user against a particular OU in Active Directory. If the AD holds 50 OUs I don't want to look into all 50 OUs , instead it should look into a particular OU( for eg: OU=dotnet users) to authenticate the user.

View 1 Replies

Active Directory/LDAP :: User Part Of Active Directory Or Not?

Dec 13, 2010

How to check if user is part of Active directory or not. I have a username, and i want to check if that user is available in the active directory. I am using .NET 4.0 version

View 1 Replies

Active Directory/LDAP :: Check User In Active Directory?

Mar 25, 2011

I want to check if specified username is present in active directory

View 3 Replies

Active Directory/LDAP :: Modification To Ldap String To Include Groups From OU?

Jul 21, 2010

I am using the following LDAP string:

(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2)(!description=Generic*)(!cn=*-))

is it possible to modify this string to also include security groups that are located within a particular OU?

View 1 Replies

Active Directory/LDAP :: Cannot Add User Into Active Directory Via

Feb 25, 2010

My System Have 2 Computer:

Frist Computer act as A domain Controller that has a Active Directory,RADIUS Server,DHCP and DNS

Second Computer act as A Web Server and use Microsoft Visual Studio Team System 2008

I create a website to add user in active directory. I have 3 file:

1.Default.aspx - Let user fill their privacy information

2.ViewRegisterdata.aspx - Let user confirm their information before it's added to active directory. In this file,there is a Viewregisterdata.aspx.cs which collect user information and send to Class1.cs when users click confirm button.

3.Class1.cs - Do the process in adding user in active directory

I have a problem with a second and third files. When I run the website and go to a second page that is a ViewRegisterdata.aspx and then press a confirm button,it shows an error.

Although I inactivate a code section that do adding user to active directory and write a code to show a value that is sent from A ViewRegisterdata.aspx,It still shows a ViewDataregister.aspx and not show a Windows console.It seems it cannot send user information from a ViewRegisterData.aspx despite I include a Class1.cs into the file already

[code]....

View 6 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved