ActiveDirectory Search Help

Posted on 2005-05-05
Medium Priority
Last Modified: 2012-05-05
i am writing a ActiveDirectory DirectorySearcher with Filter.
I need to be able to find out whether a user belongs to a particular group.

I found that I can find all the groups the user belongs to by using the following:

DirectoryEntry dn = new DirectoryEntry("LDAP://DOMAIN");
                        string userName = "SOMEONE";
                        string filter = string.Format("(&(objectCategory=person)(objectClass=user)(sAMAccountName={0})(sn=chen))", userName);
                        DirectorySearcher mySearch = new DirectorySearcher(dn, filter);
                        SearchResult mySearchResult = mySearch.FindOne();

But what I really want to find out is whether this user belongs to group "A" (or anything I specify)

I am thinking of using regular expression to parse all the groups the user belongs to then if there is a match return true. However, I would like a cleaner way of doing this.

Right now the hierachy of the memberOf is as following:

CN=GroupName, OU=Groups, OU=DomainName, DC=Domain, DC=com

Is there a way I can specify a sub directory of memberOf in my filter string??
I have tried (memberof=CN=GroupName) and that failed.

Thanks for any help you can give
Question by:lordiano
1 Comment
LVL 20

Accepted Solution

ihenry earned 1500 total points
ID: 13953143
You need to specify full-qualified distinguishedName of the group object in the query filter, which is something like this


But since memberOf is not indexable, the search would be pretty slow if it returns lots of users.

Featured Post

Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
Kernel Data Recovery is a renowned Data Recovery solution provider which offers wide range of softwares for both enterprise and home users with its cost-effective solutions. Let's have a quick overview of the journey and data recovery tools range he…
Hi, this video explains a free download that you can incorporate into your Access databases, or use stand-alone for contact management. Contacts -- Names, Addresses, Phone Numbers, eMail Addresses, Websites, Lists, Projects, Notes, Attachments…

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question