Best IT Recipes

How to get AD user groups for a user in Asp.Net?

I need to be able to get a list of groups the user is in, but I need to have one / several / all of the following properties:

  • DistinguishedName
  • name
  • cn
  • SamAccountName

Now I have a name, but not some of them (the names seem private, but not all match correctly. This is what I use:

ArrayList groups = new ArrayList(); foreach (System.Security.Principal.IdentityReference group in System.Web.HttpContext.Current.Request.LogonUserIdentity.Groups) groups.Add(group.Translate(typeof(System.Security.Principal.NTAccount)));

As I said, the above works, but will not get me the proper names that I need for my program (the ones mentioned above). I need this to match the list that I get when I call all the groups in my domain:

 DirectoryEntry dirEnt = new DirectoryEntry("LDAP://my_domain_controller"); DirectorySearcher srch = new DirectorySearcher(dirEnt); srch.Filter = "(objectClass=Group)"; var results = srch.FindAll();
+3
c # active-directory
Sep 18 '08 at 6:47
source share
1 answer

You cannot do this in one step, since groups are also separate AD elements with properties.

So, in the first run you should get the names of the groups the user is in and fill them with some list.

The second step is to go through all the group names and request them one by one to get the group properties (for example, distinguished name, etc.) and assemble them into some kind of structure.

+3
Sep 18 '08 at 7:04
source share


More articles:


All Articles