G
Guest
Hello, everybody.
I'd like to do this: For a big program (a web service) I need information
about the usergroups an active-directory-user is member of. To be more
precise, I need to know if a particular user is in a particular group or not.
This is my first Active-Directory-query in a C#-program, so it might look
crude or primitive...well, it doesn't work anyway...
The interesting part of the code is this:
public bool GetADUserGroups(string userName, string gruppe)
{
bool ergebnis = false;
DirectoryEntry ebr = new
DirectoryEntry("LDAP://DOMAINE.DO","DOMAIN_USER","PASSWORD");
/*(do I need a domain admin for this or is a standard domain user
sufficient)*/
DirectorySearcher search = new DirectorySearcher(ebr);
/*(these are the many filter variants I tried. Except for the last one that
is not a comment, all terminated with errors)*/
//search.Filter = String.Format("(cn={0})", userName);
//search.Filter =
String.Format("&(objectClass=user)(userprincipalname={0})", userName);
//search.Filter = "&(objectClass=user)(userprincipalname=" +
userName + ")";
search.Filter = "(objectClass=user)";
/*(the username has the format "firstname.lastname", just like the login
name)*/
search.PropertiesToLoad.Add("memberOf");
search.PropertiesToLoad.Add("samAccountName");
foreach (SearchResult table in search.FindAll())
{
int groupCount = table.Properties["memberOf"].Count;
logger.LogInfo(table.Properties["samAccountName"].ToString());
if (table.Properties["samAccountName"].ToString() == userName)
{
for (int i = 0; i < groupCount; i++)
{
logger.LogInfo(table.Properties["memberOf"].ToString());
if (table.Properties["mebmerOf"].ToString() ==
gruppe)
{
ergebnis = true;
}
}
}
}
return ergebnis;
}
So, I'm finally there where I don't have any more ideas. I'm still trying,
but I'm feeling like any idea is a very long shot...
I'd be glad about any help you can provide. Many thanks in advance!
I'd like to do this: For a big program (a web service) I need information
about the usergroups an active-directory-user is member of. To be more
precise, I need to know if a particular user is in a particular group or not.
This is my first Active-Directory-query in a C#-program, so it might look
crude or primitive...well, it doesn't work anyway...
The interesting part of the code is this:
public bool GetADUserGroups(string userName, string gruppe)
{
bool ergebnis = false;
DirectoryEntry ebr = new
DirectoryEntry("LDAP://DOMAINE.DO","DOMAIN_USER","PASSWORD");
/*(do I need a domain admin for this or is a standard domain user
sufficient)*/
DirectorySearcher search = new DirectorySearcher(ebr);
/*(these are the many filter variants I tried. Except for the last one that
is not a comment, all terminated with errors)*/
//search.Filter = String.Format("(cn={0})", userName);
//search.Filter =
String.Format("&(objectClass=user)(userprincipalname={0})", userName);
//search.Filter = "&(objectClass=user)(userprincipalname=" +
userName + ")";
search.Filter = "(objectClass=user)";
/*(the username has the format "firstname.lastname", just like the login
name)*/
search.PropertiesToLoad.Add("memberOf");
search.PropertiesToLoad.Add("samAccountName");
foreach (SearchResult table in search.FindAll())
{
int groupCount = table.Properties["memberOf"].Count;
logger.LogInfo(table.Properties["samAccountName"].ToString());
if (table.Properties["samAccountName"].ToString() == userName)
{
for (int i = 0; i < groupCount; i++)
{
logger.LogInfo(table.Properties["memberOf"].ToString());
if (table.Properties["mebmerOf"].ToString() ==
gruppe)
{
ergebnis = true;
}
}
}
}
return ergebnis;
}
So, I'm finally there where I don't have any more ideas. I'm still trying,
but I'm feeling like any idea is a very long shot...
I'd be glad about any help you can provide. Many thanks in advance!