• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 251
  • Last Modified:

Display groups user is a member of

I use this ASP code to display the active directory groups that a user belongs to:

Function getUserGroups(sDomainName, sLogonName)
 On Error Resume Next
 Dim counter
counter=0
 Set oUser = GetObject("WinNT://" & sDomainName & "/" & sLogonName & ",user")
     For Each oGroup in oUser.Groups
             if(Left(Trim(oGroup.Name),2)="NN") then
          If (counter=0) then
                  IF SUserGroups="Domain Users" then
                        oGroup.Name =""
                  end if
                  sUserGroups="<option value='"& oGroup.Name &"'  selected>"& oGroup.Name & "</option> "
                  
          else
                  IF SUserGroups="Domain Users" then
                        oGroup.Name =""
                  end if
                  sUserGroups=sUserGroups & "<option value='"& oGroup.Name &"'>"& oGroup.Name & "</option> "
          end if
           end if
            counter=counter+1
     Next
getUserGroups=sUserGroups
set oUser=nothing    
End Function

It works fine if the group in AD is a security group - however I need it to also display distribution lists as well - anyone know how to do this?

Many thanks
0
NovoNordisk
Asked:
NovoNordisk
  • 7
  • 4
1 Solution
 
InteqamCommented:
is this what you mean?

Dim objGroup, strUser
Set objGroup = GetObject("LDAP://CN=myDistList,ou=Messaging,dc=myDomain,dc=com")
  For Each strUser in objGroup.Member      
     Set objUser =  GetObject("LDAP://" & strUser)
 Next
Set objGroup = Nothing
0
 
NovoNordiskAuthor Commented:
I cant get that code to work.  Can you give me a full working example using your code??
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
NovoNordiskAuthor Commented:
Can anyone help as I am still stuck with this!
0
 
InteqamCommented:
If you are working with Security Groups for a user on a Win2k domain, the LDAP provider does something that is very cool.  There is an attribute on the user
object called TokenGroups.  It is a constructed attribute that contains all of the SIDs for the security groups a user is a member of.  If you know the Groups
SID, you can then compare it to the list of SIDs provided in TokenGroups and determine if the user is a member of that group.  The neat thing is that this
attribute contains ALL security groups the user is a member of, including nested groups.


The following KB provides an example of how to enumerate the TokenGroups collection:
http://support.microsoft.com/support/kb/Articles/q301/9/16.asp 

If you are looking at group membership that is not part of the Security Groups, like distribution and Universal groups, then you are left with using the
MemberOf collection and walking each group in succession to find nested groups ( Possible on Win2k Native Mode Domains only).  This is a very network
intensive process because you must bind to each group object and walk the MemberOf collection.


0
 
NovoNordiskAuthor Commented:
Yes I am looking at distribution groups - do you know how to do this??
0
 
NovoNordiskAuthor Commented:
Fantastic thanks for your help!! Maybe you could also help with this one!?!

http://www.experts-exchange.com/Web/Web_Languages/ASP/Q_21859089.html
0

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

  • 7
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now