LDAP - get group's user

  • Thread starter Thread starter ffmelo
  • Start date Start date
F

ffmelo

Hi,

I have a user object (Directory Entry). How do I to get the groups
which this user is member.
I am using the LDAP.

thanks.
 
two ways.
1. You can try DirectorySearcher
DirectorySearcher search = new DirectorySearcher(entry);
search.PropertiesToLoad.Add("memberOf");

2. You can try DirectoryEntry.Invoke methoud
DirectoryEntry obUser = new DirectoryEntry(res.Path);
object obGroups = obUser.Invoke("Groups");
foreach (object ob in (IEnumerable)obGroups)
{
DirectoryEntry obGpEntry = new DirectoryEntry(ob);
groups.Add(obGpEntry.Name);
}
 
I have a user object (Directory Entry). How do I to get the groups
which this user is member.
I am using the LDAP.
Click to expand...

Insepect the user's "memberOf" property

DirectoryEntry deUser = new DirectoryEntry("LDAP://......");

foreach(string sGroupName in deUser.Properties["memberOf"])
{
Console.WriteLine(sGroupName);
}

This is the easy way of doing it - it will *NOT* show you the user's
"primary group", nor any nested groups. For those you'd need to
inspect the user object's "tokenGroups" attribute (which is a
collection of SID's), and then resolve those SIDs to group names.

Check out microsoft.public.adsi.general - there have been several
posts on how to read the full group membership by means of
"tokenGroups".

HTH
Marc

================================================================
Marc Scheuner May The Source Be With You!
Berne, Switzerland m.scheuner -at- inova.ch
 
Back
Top