locked
Query AD for users in a specific group (by group name) RRS feed

  • Question

  • User323983933 posted
    • .net framework 4.0. 
    • ASP.NET 
    • Internal company intranet site.

    There is no System.DirectoryServices namespace (or maybe I need to install something)

    This should be simple.

    I need a list of all the user names in a particular group by group name,  (i.e.  List the users in "corp\web-admins");

    All I need is a List<string> of the names, or even a string[] array.  I don't need to do anything to the AD user entries once I have the list.

     

    Monday, June 9, 2014 3:29 PM

Answers

  • User-809753952 posted

    Try this:

     Dim ADUserList As New ArrayList
            Dim oPrincipalContext As New PrincipalContext(ContextType.Domain, "domainname.com")
            Dim oGroupPrincipal As GroupPrincipal = GroupPrincipal.FindByIdentity(oPrincipalContext, "ADGroupName")
            For Each principal In oGroupPrincipal.Members
                 ADUserList.Add(Principal.SamAccountName)
            Next

    You may need to Import these too:

    Imports System.DirectoryServices
    Imports System.DirectoryServices.AccountManagement
    Imports System.DirectoryServices.ActiveDirectory

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, June 10, 2014 6:20 AM

All replies

  • User1508394307 posted

    http://forums.asp.net/t/1615887.aspx 

    Monday, June 9, 2014 4:08 PM
  • User323983933 posted

    Well close, but the code on that example gives me back an answer that looks like

    CN=Smith\, Bruno,OU=OnShore,OU=External,OU=People,DC=abc,DC=office,DC=com

    What I'd much rather have is loginID/user fullname

    The user loginID doesn't even exist in that string.

    Here's the code so far.

            private static List<string> GetAllMembers(string groupName)
            {
                List<string> answer = new List<string>();
                DirectoryEntry entry = new DirectoryEntry();
                DirectorySearcher ds = new DirectorySearcher(entry);
                ds.Filter = String.Format("(&(cn={0})(objectClass=group))", groupName);
                ds.PropertiesToLoad.Add("member");
                SearchResult sr = ds.FindOne();
                for (int i = 0; i < sr.Properties["member"].Count; i++)
                    answer.Add(sr.Properties["member"][i].ToString());
    
                return answer;
            }
    

    Monday, June 9, 2014 6:58 PM
  • User1508394307 posted

    I think it depends on your setup, and if login is not returned you can request it using an additional search

    string cn = "CN=Smith\, Bruno,...";
    DirectoryEntry de = new DirectoryEntry("LDAP://" + cn);
    string s = (string)de.Properties["samaccountname"].Value;

    to get his full name (btw, the full name is already there in the string) retrieve properties of "givenName" (first name), and "sn" (for surname = last name).

    Tuesday, June 10, 2014 2:11 AM
  • User-809753952 posted

    Try this:

     Dim ADUserList As New ArrayList
            Dim oPrincipalContext As New PrincipalContext(ContextType.Domain, "domainname.com")
            Dim oGroupPrincipal As GroupPrincipal = GroupPrincipal.FindByIdentity(oPrincipalContext, "ADGroupName")
            For Each principal In oGroupPrincipal.Members
                 ADUserList.Add(Principal.SamAccountName)
            Next

    You may need to Import these too:

    Imports System.DirectoryServices
    Imports System.DirectoryServices.AccountManagement
    Imports System.DirectoryServices.ActiveDirectory

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, June 10, 2014 6:20 AM
  • User323983933 posted

    Thanks.  Here's the code I came up with in C#.

     

            private static Dictionary<string, string> GetAllMembers(string groupName)
            {
    
                Dictionary<string, string> answer = new Dictionary<string, string>();
    
                PrincipalContext PC = new PrincipalContext(ContextType.Domain);
                GroupPrincipal GP = GroupPrincipal.FindByIdentity(PC, groupName);
                foreach (Principal P in GP.Members)
                {
                    answer[P.SamAccountName] = P.Name;
                }
                return answer;
            }

    Tuesday, June 10, 2014 6:06 PM