471,349 Members | 1,434 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,349 software developers and data experts.

Active directory: Get users associated with groups

Hi, can anyone please tell me (Given a group name) how I can retrieve just
those users associated with that group using Active Directory using LDAP??

I am using the code below with not much luck

Expand|Select|Wrap|Line Numbers
  1. DirectoryEntry entry = new DirectoryEntry("LDAP://" +
  2. Domain,"LoginUser","Password");
  3. DirectorySearcher Dsearch = new DirectorySearcher(entry);
  4. Dsearch.Filter = "objectCategory =All users"; // All users is a group in AD
  5.  
TIA
Mark

Jul 21 '05 #1
3 1777
Try using "LDAP://OU=All users,DC=Domain".

HTH, Jakob.
"Mark" wrote:
Hi, can anyone please tell me (Given a group name) how I can retrieve just
those users associated with that group using Active Directory using LDAP??

I am using the code below with not much luck

Expand|Select|Wrap|Line Numbers
  1.  DirectoryEntry entry = new DirectoryEntry("LDAP://" +
  2.  Domain,"LoginUser","Password");
  3.  DirectorySearcher Dsearch = new DirectorySearcher(entry);
  4.  Dsearch.Filter = "objectCategory =All users"; // All users is a group in AD
  5.  

TIA
Mark

Jul 21 '05 #2
Thanks Jakob, I will give this a try
Regards
Mark
"Jakob Christensen" <jc*@REMOVEpension.dk> wrote in message
news:08**********************************@microsof t.com...
Try using "LDAP://OU=All users,DC=Domain".

HTH, Jakob.
"Mark" wrote:
Hi, can anyone please tell me (Given a group name) how I can retrieve just those users associated with that group using Active Directory using LDAP??
I am using the code below with not much luck

Expand|Select|Wrap|Line Numbers
  1.  > DirectoryEntry entry = new DirectoryEntry("LDAP://" +
  2.  > Domain,"LoginUser","Password");
  3.  > DirectorySearcher Dsearch = new DirectorySearcher(entry);
  4.  > Dsearch.Filter = "objectCategory =All users"; // All users is a group in
  • AD
  •  > 

  • TIA
    Mark

    Jul 21 '05 #3
    >Hi, can anyone please tell me (Given a group name) how I can retrieve just
    those users associated with that group using Active Directory using LDAP??


    Insepect the user's "memberOf" property

    DirectoryEntry deUser = new DirectoryEntry("LDAP://......");

    foreach(string sGroupName in deUser.Properties["memberOf"])
    {
    Console.WriteLine(sGroupName);
    }

    This is the easy way of doing it - it will *NOT* show you the user's
    "primary group", nor any nested groups. For those you'd need to
    inspect the user object's "tokenGroups" attribute (which is a
    collection of SID's), and then resolve those SIDs to group names.

    Check out microsoft.public.adsi.general - there have been several
    posts on how to read the full group membership by means of
    "tokenGroups".

    HTH
    Marc

    ================================================== ==============
    Marc Scheuner May The Source Be With You!
    Berne, Switzerland m.scheuner -at- inova.ch
    Jul 21 '05 #4

    This discussion thread is closed

    Replies have been disabled for this discussion.

    Similar topics

    4 posts views Thread by Frank_00001 | last post: by
    3 posts views Thread by Luis Esteban Valencia | last post: by
    1 post views Thread by tangus via DotNetMonster.com | last post: by
    4 posts views Thread by Patrick.O.Ige | last post: by
    reply views Thread by XIAOLAOHU | last post: by

    By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

    To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.