locked
AD Group Names based on user id RRS feed

  • Question

  • User-1471881183 posted

    hi all,

    i want to get group names from Active Directory based on User ID, means i want to know UserA associates with which groups?

    Monday, August 10, 2015 5:03 AM

Answers

  • User1223857158 posted

    Hi,

    From my point of view, I suggest you could add a property (GroupName) for the User object. When you add a user into a group, you could set the GroupName property. Then, you could get user's group name by the GroupName property.

    Best Regards

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, August 18, 2015 5:30 AM

All replies

  • User753101303 posted

    Hi,

    It's a bit unclear if this is to support your app or if you create rather a user account administration app (ie UserID is the connected user or it could be some other user?).

    If using Windows authentication, https://msdn.microsoft.com/en-us/library/system.security.principal.windowsprincipal.isinrole(v=vs.110).aspx should work.

    For more Advanced needs see the https://msdn.microsoft.com/en-us/library/system.directoryservices.accountmanagement(v=vs.110).aspx namespace for specialized AD classes.

    Monday, August 10, 2015 5:15 AM
  • User325035487 posted

    group names from Active Directory based on User ID

    using System.DirectoryServices.AccountManagement;
    
    PrincipalContext ctx = new PrincipalContext(ContextType.Domain); //Getting all groups but only for logged in Sub Domain in the forest
    UserPrincipal user = UserPrincipal.FindByIdentity(ctx, r.UserName);
    if (user != null)
       {
          // find the roles....
          var roles = user.GetAuthorizationGroups();
          var Email = user.EmailAddress;
          var UserName = user.SamAccountName;
          var LastLog = (DateTime)user.LastLogon;
          var Designation = user.Description;
          var Name = user.DisplayName;
          var LastBadPass = (DateTime)user.LastBadPasswordAttempt;
          var PassChange = (DateTime)user.LastPasswordSet;
          
    // enumerate over the roles
          foreach (Principal p in roles)
            {
             <span>  @p.ToString(); </span>
            }
         <p> EMail: @Email</p>
         <p> UserName: @UserName</p>
         <p>Password Changed: @PassChange.ToLocalTime().ToString("dd/MM/yyyy HH:mm") </p>
         <p>Last Login : @LastLog.ToLocalTime().ToString("dd/MM/yyyy HH:mm")</p>
         <p> Designation : @Designation </p>
         <p>Name : @Name  </p>
         <p> Last Login Failure : @LastBadPass.ToLocalTime().ToString("dd/MM/yyyy HH:mm")  </p>
       }
    
    
    
    
    

    Hope thius helps.. Adjust the Reference calls

    Monday, August 10, 2015 4:48 PM
  • User-1471881183 posted

    hi 

    jkjhse thanks for your response.

    i tried your code but exception at this place "

    user.GetAuthorizationGroups()

    error says that there is no authorized with this user but, it has many groups associated with the user
    Wednesday, August 12, 2015 4:43 PM
  • User-1471881183 posted
    hi,
    exactly im getting below exception

    System.DirectoryServices.AccountManagement.PrincipalOperationException' occurred in System.DirectoryServices.AccountManagement.dll

    Additional information: While trying to retrieve the authorization groups, an error (5) occurred.
    Thursday, August 13, 2015 5:38 AM
  • User1223857158 posted

    Hi,

    From my point of view, I suggest you could add a property (GroupName) for the User object. When you add a user into a group, you could set the GroupName property. Then, you could get user's group name by the GroupName property.

    Best Regards

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, August 18, 2015 5:30 AM
  • User325035487 posted

    http://stackoverflow.com/questions/5814561/while-trying-to-retrieve-the-authorization-groups-an-error-5-occurred

    Tuesday, August 25, 2015 2:34 PM