locked
List Users for specific Group RRS feed

  • Question

  • User224033974 posted

    hi there

    first of all, i tried to search this forum for an already existing post/thread. i have found a few but as i am new to it, i cant filter out what i have to do for an adaption.

    i am using ASP.NET - C#. i am looking for a hardcoded variant to list all users of a specific active directory group.

    my actual version is the following:

    DirectoryEntry entry = new DirectoryEntry

    ("LDAP://myserver.net/CN=group,OU=sub3,OU=sub2,OU=sub1,DC=myserver,DC=net");

    System.DirectoryServices.DirectorySearcher mySearcher =

    new System.DirectoryServices.DirectorySearcher(entry);

    mySearcher.Filter = ("(&(objectCategory=Person)(objectClass=user))");

    foreach (System.DirectoryServices.SearchResult resEnt in mySearcher.FindAll())

    {         // i don't even reach this iteration, as the searcher seems to dont find anything

             Response.Write(resEnt.toString());

    }

    Afaik i have to provide the LDAP path to the group (CN=group) i want the userlist of.  My filter should only retrieve the users. This should work, but guess what - it doesnt ;-)

    so my 2 questions:

    1) is the path correct ? ( only the syntax ofc )

    2) within the iteration i want to retrieve the name of the user. so i should be able to retrieve it out of the SearchResult object, shouldnt i ?!

    i hope you can help me. anyways, thx for your time.

    best regards, sepp o/

    Wednesday, August 9, 2006 7:10 AM

All replies

  • User224033974 posted

    well, after 1 day of research, i have entered this post.

    guess what, after 30 mins of the post entry, i have successfully adapted a program, which i found on the msdn homepage. ( i know you guys dont like it ;-) )

    nevertheless, it works

    so ill post my approach, perhaps it is usefull for somebody:

    public string[] GetUsers()

    {

    string group = "Supportdesk_Mitarbeiter"; // this is the group for which all users should be listed

    DirectoryEntry entry = new DirectoryEntry(LDAP://myserver.net);

    System.DirectoryServices.DirectorySearcher mySearcher = new System.DirectoryServices.DirectorySearcher(entry);

    mySearcher.Filter = ("CN="+group);

    mySearcher.PropertiesToLoad.Add("member");

    StringBuilder userNames = new StringBuilder();

    try

    {

    SearchResult result = mySearcher.FindOne();

    int propertyCount = result.Properties["member"].Count;

    String dn;

    int equalsIndex, commaIndex;

    for (int propertyCounter = 0; propertyCounter < propertyCount;

    propertyCounter++)

    {

    dn = (String)result.Properties["member"][propertyCounter];

    equalsIndex = dn.IndexOf("=", 1);

    commaIndex = dn.IndexOf(",", 1);

    if (-1 == equalsIndex)

    {

    return null;

    }

    userNames.Append(dn.Substring((equalsIndex + 1),

    (commaIndex - equalsIndex) - 1));

    userNames.Append("|");

    }

    }

    catch (Exception ex)

    {

    throw new Exception("Error @retrieving user names of this group " + ex.Message);

    }

    string AD_groups = userNames.ToString();

    string[] myStr = AD_groups.Split('|');

    return myStr;

    }

    this method returns a string array, each element carries an user of the group.

    best wishes, sepp

    Wednesday, August 9, 2006 7:50 AM
  • User1354132231 posted
    At least you fixed the constructor.  If you need nested members then you need more work.  Did you see the link to the samples here on the first post in this forum?  There are comprehensive examples on how to do this much more elegantly.  See Ch. 11's code.  Additionally, if you check my blog I have thoroughly examined this as well in the posts about recursive DN syntax attributes.

    You should be aware that at a minimum what you have will barf for both nested groups as well as any groups over 1500 members.
    Monday, August 14, 2006 1:11 PM