Get list of Active Directory users in C#

Question

I'm having an issue getting a list of the users in the Domain Users group in Active Directory. 

My problem is that it's only returning 7 users.  However, if I open a command prompt, and use the Net Group command, it returns all the domain users, including myself.

If I get a list of the groups that I'm a member of, "Domain Users" is not listed. 

I don't even know where to start troubleshooting this as it makes no sense to me.  Is there anything that could "hide" a group from being displayed?

Thanks!

Answer 1

Could you paste what code you are trying? that wud be easy to find the issue.

Answer 2

This is what I'm using to get the users in a group.  Again, it returns the users, but not nearly a complete list.

try
      {
        _directoryEntry = null;
        DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);
        directorySearch.Filter = "(&(objectClass=group)(SAMAccountName=" + groupName + "))";
        SearchResult results = directorySearch.FindOne();
        if (results != null)
        {
          DirectoryEntry deGroup = new DirectoryEntry(results.Path, user, pass);
          System.DirectoryServices.PropertyCollection pColl = deGroup.Properties;
          int count = pColl["member"].Count;

          for (int i = 0; i < count; i++)
          {
            string respath = results.Path;
            string[] pathnavigate = respath.Split("CN".ToCharArray());
            respath = pathnavigate[0];
            string objpath = pColl["member"][i].ToString();
            string path = respath + objpath;

            DirectoryEntry user = new DirectoryEntry(path, user, pass);
            ADUserDetail userobj = ADUserDetail.GetUser(user);
            userlist.Add(userobj);
            user.Close();
          }
        }
        return userlist;

This is what I'm using to return the groups for a user.  I've been using this for testing.  The group I'm looking for "Domain Users" doesn't appear when I look for myself, even though I'm a member of that group.

DirectoryEntry de = new DirectoryEntry(LDAP, user, pass);
      DirectorySearcher search = new DirectorySearcher(de);
      search.Filter = "(sAMAccountName=user)";
      search.PropertiesToLoad.Add("memberOf");
      StringBuilder groupNames = new StringBuilder();
      try
      {
        SearchResult result = search.FindOne();
        int propertyCount = result.Properties["memberOf"].Count;
        String dn;
        int equalsIndex, commaIndex;

        for (int propertyCounter = 0; propertyCounter < propertyCount; propertyCounter++)
        {
          dn = (String)result.Properties["memberOf"][propertyCounter];

          equalsIndex = dn.IndexOf("=", 1);
          commaIndex = dn.IndexOf(",", 1);
          if (-1 == equalsIndex)
          {
            return null;
          }
          groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex - equalsIndex) - 1));
          groupNames.Append("|");
        }

Answer 3

Here's the code I used for a similar project I worked on.  I don't have the link, where I originally found the code.

 

Code Snippet

1. static void Main(string[] args)
2. {
3.     string groupName = "Domain Users";
4.     string domainName = "";
5.  
6.     PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domainName);
7.     GroupPrincipal grp = GroupPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, groupName);
8.  
9.     if (grp != null)
10.     {
11.          foreach (Principal p in grp.GetMembers(false))
12.             {
13.                 Console.WriteLine(p.SamAccountName + " - " + p.DisplayName);
14.             }
15.  
16.  
17.         grp.Dispose();
18.         ctx.Dispose();
19.         Console.ReadLine();
20.     }
21.     else
22.     {
23.         Console.WriteLine("\nWe did not find that group in that domain, perhaps the group resides in a different domain?");
24.         Console.ReadLine();
25.     }
26. }

Answer 4

Here's the code I used for a similar project I worked on.  I don't have the link, where I originally found the code.

 

Code Snippet

1. static void Main(string[] args)
2. {
3.     string groupName = "Domain Users";
4.     string domainName = "";
5.  
6.     PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domainName);
7.     GroupPrincipal grp = GroupPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, groupName);
8.  
9.     if (grp != null)
10.     {
11.          foreach (Principal p in grp.GetMembers(false))
12.             {
13.                 Console.WriteLine(p.SamAccountName + " - " + p.DisplayName);
14.             }
15.  
16.  
17.         grp.Dispose();
18.         ctx.Dispose();
19.         Console.ReadLine();
20.     }
21.     else
22.     {
23.         Console.WriteLine("\nWe did not find that group in that domain, perhaps the group resides in a different domain?");
24.         Console.ReadLine();
25.     }
26. }

Answer 5

Awesome!  This worked like a charm!  Thank you so much!

 

So, does anyone know why going about it this way works, but the way I was trying doesn't?

Answer 6

Hello,

 How could I access the property the user's mail from a group of AD?

 In your code would be here?

 foreach (p in Main grp.GetMembers (false))
             {
                 p.Email?
             }

 thank you

---

k2rto4 - Analista SharePoint Jr.

Answer 7

Hello,

 How could I access the property the user's mail from a group of AD?

 In your code would be here?

 foreach (p in Main grp.GetMembers (false))
             {
                 p.Email?
             }

 thank you

---

k2rto4 - Analista SharePoint Jr.

             foreach (p in Main grp.GetMembers (false))
             {

                  if (p.StructuralObjectClass == "user")
                 {
                       var uP = (UserPrincipal)p;
                       if (uP != null)
                       {
                              string emailAddress = uP.EmailAddress;                      

                       }
                  }   

             }

Answer 8

Here's the code I used for a similar project I worked on.  I don't have the link, where I originally found the code.

Code Snippet

• static void Main(string[] args)
• {
•     string groupName = "Domain Users";
•     string domainName = "";
•     PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domainName);
•     GroupPrincipal grp = GroupPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, groupName);
•     if (grp != null)
•     {
•          foreach (Principal p in grp.GetMembers(false))
•             {
•                 Console.WriteLine(p.SamAccountName + " - " + p.DisplayName);
•             }
•         grp.Dispose();
•         ctx.Dispose();
•         Console.ReadLine();
•     }
•     else
•     {
•         Console.WriteLine("\nWe did not find that group in that domain, perhaps the group resides in a different domain?");
•         Console.ReadLine();
•     }
• }

Great example, and it works :)