tmitchell68
asked on
Using Active Directory to get a System Domain User's groups in C#
Hello,
I am attempting to use C# code to get the Active Directory groups that a user belongs to.
This is the code I have so far...
DirectoryEntry objRootEntry=new DirectoryEntry("");
DirectorySearcher objADSearcher=new DirectorySearcher(objRootE ntry);
string strLogin = <The user's userid>;
objADSearcher.Filter="(&(o bjectClass =user)(anr ="+strLogi n+"))";
objADSearcher.PropertiesTo Load.Add(" memberOf") ;
SearchResult objResult=objADSearcher.Fi ndOne();
if (objResult != null)
{
int groupCount = objResult.Properties["memb erOf"].Cou nt;
for (int counter=0; counter<groupCount; counter++)
{
string strGroup = (string)objResult.Properti es["member Of"][count er];
}
}
This works fine - as long as the user has a System Account. If the user has a Domain User Account, I get the following error:
Object reference not set to an instance of an object.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.NullReferenceExcept ion: Object reference not set to an instance of an object.
Source Error:
Line 333: if (objResult != null)
Line 334: {
Line 335: int groupCount = objResult.Properties["memb erOf"].Cou nt;
Line 336:
Line 337: for (int counter=0; counter<groupCount; counter++)
"memberOf" doesn't seem to exist for Domain Users.
Any help or suggestions would be greatly appreciated.
Thank you in advance,
Tim
I am attempting to use C# code to get the Active Directory groups that a user belongs to.
This is the code I have so far...
DirectoryEntry objRootEntry=new DirectoryEntry("");
DirectorySearcher objADSearcher=new DirectorySearcher(objRootE
string strLogin = <The user's userid>;
objADSearcher.Filter="(&(o
objADSearcher.PropertiesTo
SearchResult objResult=objADSearcher.Fi
if (objResult != null)
{
int groupCount = objResult.Properties["memb
for (int counter=0; counter<groupCount; counter++)
{
string strGroup = (string)objResult.Properti
}
}
This works fine - as long as the user has a System Account. If the user has a Domain User Account, I get the following error:
Object reference not set to an instance of an object.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.NullReferenceExcept
Source Error:
Line 333: if (objResult != null)
Line 334: {
Line 335: int groupCount = objResult.Properties["memb
Line 336:
Line 337: for (int counter=0; counter<groupCount; counter++)
"memberOf" doesn't seem to exist for Domain Users.
Any help or suggestions would be greatly appreciated.
Thank you in advance,
Tim
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you.
There's another attribute, "tokenGroups". It returns primary group and all groups membership including nested relationship, but security groups only. So depend on your active directory structure and what you want, this could quite complicated since you might need to use several methods to query group membership.