
LDAP: How to retrieve info for AD Users PrimaryGroup

I'm extracting info for users and groups in our domain using
directoryservices. This is working well except I have one more piece I need
to finish which I'm stuck on. I need to (a) query the info for a user's
primary group so I can add it to my displayed list of groups for a user and
(b) I want to display all members of a group, which means I need to query all
the users whose primarygroup is the group I'm looking at so I can then
append that to the users who are in the memberof property.

So can someone assist on how to go about this? For (a) above, I've read it
has to do with building a SID for the domain, parsing it and then appending
the primarygroupid from the user and then using this info to query the
group. But I'm lost as to how to do this using .Net (I've seen script
examples) and to do (b) above.

Can someone help me out with this? If you have a VB.Net example, great,
but C# will do too.
Thanks
Brad
Nov 20 '05 #1
Hi Brad,

A)
You may take a look at the link below

http://groups.google.com/groups?q=gr...ary+group&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=SiqJ6NO5CHA.1536%40cpmsftngxa08.phx.gbl&rnum=3

Or use the sample

Imports System.DirectoryServices

Function GetUserPrimaryGroup(ByVal user As DirectoryEntry) As String
    Dim primaryGroupID As Integer = CInt(user.Properties("primaryGroupID").Value)
    Dim objectSid As Byte() = CType(user.Properties("objectSid").Value, Byte())
    Dim escapedGroupSid As New System.Text.StringBuilder()
    'Copy over everything but the last four bytes (sub-authority/RID)
    'Doing so gives the prefix SID for objects in the user's domain
    Dim i As Integer
    For i = 0 To (objectSid.Length - 4) - 1
        escapedGroupSid.AppendFormat("\{0:x2}", objectSid(i))
    Next i

    'Add the primaryGroupID (RID) to the escape string to build the SID of the primaryGroup
    For i = 0 To 3
        escapedGroupSid.AppendFormat("\{0:x2}", primaryGroupID And &HFF)
        'This is like primaryGroupID >>= 8; in C#
        'Integer division (\) is needed here: "/" is floating-point division and
        'rounds when the result is assigned back to an Integer
        primaryGroupID = primaryGroupID \ 256 'Move on to the next byte
    Next i
    'Search the directory for a group with this SID
    Dim searcher As New DirectorySearcher()
    searcher.Filter = "(&(objectCategory=Group)(objectSID=" + escapedGroupSid.ToString() + "))"
    searcher.PropertiesToLoad.Add("distinguishedName")
    Return CStr(searcher.FindOne().Properties("distinguishedName")(0))
End Function 'GetUserPrimaryGroup

B)
Add a reference to ADO and run the sample below in VB.NET

Private Sub Command1_Click(ByVal eventSender As System.Object, ByVal eventArgs As System.EventArgs) Handles Command1.Click
    Dim cn As ADODB.Connection
    Dim rs As ADODB.Recordset
    cn = New ADODB.Connection
    'ADsDSOObject is the ADSI OLE DB provider
    cn.Provider = "ADsDSOObject"
    cn.Open()
    'The query text is split with & _ because a VB string literal cannot span lines
    rs = cn.Execute("select AdsPath,SAMAccountName from " & _
        "'LDAP://CN=Users,DC=fareast,DC=corp,DC=microsoft,DC=com' where " & _
        "objectClass='user' and objectCategory='person'")
    While Not rs.EOF
        'VB6.TabLayout comes from the Microsoft.VisualBasic.Compatibility assembly
        System.Diagnostics.Debug.WriteLine(VB6.TabLayout(rs.Fields("AdsPath").Value, rs.Fields("SAMAccountName").Value))
        rs.MoveNext()
    End While
    rs.Close()
    cn.Close()
    rs = Nothing
    cn = Nothing
End Sub

If you have any concerns about this question, please post here.

Regards,
Peter Huang
Microsoft Online Partner Support
Get Secure! www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.

Nov 20 '05 #2
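
The two lookups asked about in this thread, as an added example that is not part of the original posts: (a) the filter that finds a user's primary group from the user's objectSid and primaryGroupID, and (b) the filter for users whose primaryGroupID is a group's RID, the members that member/memberOf do not list. It is written in Python over the raw SID bytes so it runs without a domain; the function names and the sample SID are constructed for illustration.

```python
import struct

def parse_sid(sid: bytes):
    """Split a binary objectSid into (revision, authority, sub_authorities)."""
    # Layout: revision(1) count(1) authority(6, big-endian) count * uint32 (little-endian)
    if len(sid) < 12 or len(sid) != 8 + 4 * sid[1]:
        raise ValueError("malformed SID: length does not match sub-authority count")
    authority = int.from_bytes(sid[2:8], "big")
    subs = struct.unpack("<%dI" % sid[1], sid[8:])
    return sid[0], authority, list(subs)

def sid_to_string(sid: bytes) -> str:
    """Render the binary SID in the familiar S-1-5-21-... form."""
    rev, auth, subs = parse_sid(sid)
    return "S-%d-%d-%s" % (rev, auth, "-".join(str(s) for s in subs))

def escape_bytes(raw: bytes) -> str:
    """LDAP filter escaping for binary values: each byte becomes backslash + two hex digits."""
    return "".join("\\%02x" % b for b in raw)

def primary_group_filter(user_sid: bytes, primary_group_id: int) -> str:
    """(a) Swap the user's RID (last sub-authority) for primaryGroupID."""
    parse_sid(user_sid)  # reject truncated or padded SIDs before slicing
    if not 0 <= primary_group_id <= 0xFFFFFFFF:
        raise ValueError("primaryGroupID must fit in 32 bits")
    group_sid = user_sid[:-4] + struct.pack("<I", primary_group_id)
    return "(&(objectCategory=group)(objectSid=%s))" % escape_bytes(group_sid)

def primary_members_filter(group_sid: bytes) -> str:
    """(b) Users whose primary group is this group: match on the group's RID."""
    rid = parse_sid(group_sid)[2][-1]
    return "(&(objectCategory=person)(objectClass=user)(primaryGroupID=%d))" % rid

# Constructed sample: a user SID with RID 1200 in a made-up domain.
SAMPLE_USER_SID = (bytes([1, 5]) + (5).to_bytes(6, "big") +
                   struct.pack("<5I", 21, 1111111111, 2222222222, 3333333333, 1200))

if __name__ == "__main__":
    print(sid_to_string(SAMPLE_USER_SID))
    print(primary_group_filter(SAMPLE_USER_SID, 513))
    group_sid = SAMPLE_USER_SID[:-4] + struct.pack("<I", 513)
    print(primary_members_filter(group_sid))
```

For a complete member list, merge the results of the (b) filter with the group's member attribute.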
Thanks


Nov 20 '05 #3
