scooter1977
asked on
Selecting members of a group in AD with .Net
I have an LDAP query where I am trying to pull the names of users from a specific AD group. It is pulling the group info and it shows me one user. It doesn't seem to be enumerating through all of the users and I can't figure out why. I tried changing my filter to user instead of group but then I don't get anything back. Any idea why?
Here is the query that I am currently using:
'Set up LDAP connection and search setting
Dim AD As New DirectoryEntry("LDAP://CN= SelectedGr oup,OU=gro ups,DC=My, DC=Domain, DC=Com ")
Dim Searcher As New DirectorySearcher(AD)
Searcher.Filter = ("(objectClass=group)")
Searcher.PropertiesToLoad. Add("given name")
Searcher.PropertiesToLoad. Add("sn")
Searcher.PropertiesToLoad. Add("membe r")
Searcher.PropertiesToLoad. Add("membe rof")
Searcher.PropertiesToLoad. Add("sAMAc countName" )
Dim Results As SearchResultCollection
Results = Searcher.FindAll()
Dim result As SearchResult
'Set up a data table to hold the info
Dim myTable As New Data.DataTable("Results")
Dim colName As String
'iterate through each search property
For Each colName In Searcher.PropertiesToLoad
myTable.Columns.Add(colNam e, GetType(System.String))
Next
'add the results to the table
For Each result In Results
Dim dr As Data.DataRow = myTable.NewRow()
For Each colName In Searcher.PropertiesToLoad
If result.Properties.Contains (colName) Then
dr(colName) = result.Properties(colName) (0)
End If
Next
myTable.Rows.Add(dr)
Next
'bind results to a gridview to easily manipulate look/feel of results
Me.UserInfoGV.DataSource = myTable
Me.UserInfoGV.DataBind()
Here is the query that I am currently using:
'Set up LDAP connection and search setting
Dim AD As New DirectoryEntry("LDAP://CN=
Dim Searcher As New DirectorySearcher(AD)
Searcher.Filter = ("(objectClass=group)")
Searcher.PropertiesToLoad.
Searcher.PropertiesToLoad.
Searcher.PropertiesToLoad.
Searcher.PropertiesToLoad.
Searcher.PropertiesToLoad.
Dim Results As SearchResultCollection
Results = Searcher.FindAll()
Dim result As SearchResult
'Set up a data table to hold the info
Dim myTable As New Data.DataTable("Results")
Dim colName As String
'iterate through each search property
For Each colName In Searcher.PropertiesToLoad
myTable.Columns.Add(colNam
Next
'add the results to the table
For Each result In Results
Dim dr As Data.DataRow = myTable.NewRow()
For Each colName In Searcher.PropertiesToLoad
If result.Properties.Contains
dr(colName) = result.Properties(colName)
End If
Next
myTable.Rows.Add(dr)
Next
'bind results to a gridview to easily manipulate look/feel of results
Me.UserInfoGV.DataSource = myTable
Me.UserInfoGV.DataBind()
ASKER
no It's not the default group. I went in and looked at the Users in AD and all members of that group are the same. I was looking at my code again and I'm thinking that maybe I need to add another array to loop through the users????
ASKER
This post here makes me think maybe I need to convert from a search result to a directory entry. It's in C# though so I'm having some trouble following it.
ASKER
sorry... here's the post I was refereing to:
https://www.experts-exchange.com/questions/21382278/Getting-the-groups-a-user-belongs-to-from-Active-Directory.html?sfQueryTermInfo=1+activ+directori+from+get+group+inform
https://www.experts-exchange.com/questions/21382278/Getting-the-groups-a-user-belongs-to-from-Active-Directory.html?sfQueryTermInfo=1+activ+directori+from+get+group+inform
ASKER
Someone, Anyone ???
Here are some functions that work for me:
Function GetAllGroups(ByVal strDomain) As Collection
Dim Computer
Dim Group
Dim listOfGroups As String = ""
Dim col As Collection = New Collection
'Computer = GetObject("WinNT://" & strDomain)
'Dim filter As System.Object() = {"Group"}
'Computer.Filter = filter
Dim users As DirectoryEntry = GetEntry("CN=Users," + GetDomain())
Dim search As New DirectorySearcher(users)
search.Filter = "(objectClass=group)"
search.Sort.PropertyName = "cn"
For Each sResultSet As SearchResult In search.FindAll()
'For Each Group In Computer
Select Case GetProperty(sResultSet, "CN")
Case "Dial-In Users", "DnsUpdateProxy", "Domain Computers", "Domain Controllers", "Domain Guests", "Enterprise Admins", _
"Group Policy Creator Owners", "Schema Admins", "Account Operators", "Administrators", "Backup Operators", "Distributed COM Users", _
"Guests", "Incoming Forest Trust Builders", "Network Configuration Operators", _
"Performance Log Users", "Performance Monitor Users", "Pre-Windows 2000 Compatible Access", "Print Operators", _
"Remote Desktop Users", "Replicator", "Server Operators", "Terminal Server License Servers", "Users", _
"Windows Authorization Access Group", "Cert Publishers", "RAS and IAS Servers", _
"HelpServicesGroup", "TelnetClients", "DnsAdmins", "DHCP Users", "DHCP Administrators"
'Exclude groups that do not need to be seen"
'Do nothing
Case Else
col.Add(GetProperty(sResul tSet, "CN"))
End Select
Next
Return col
End Function
Function GetAllUsersInGroup(ByVal strGroupName As String, ByVal strDomain As String) As Collection
Dim col As New Collection
Dim newCol As New Collection
Dim Group
Dim User
'''''''''''''''''''''''''' '''''''''' '''''
Dim result As SearchResult
Dim resultColl As SearchResultCollection
Dim search As DirectorySearcher = New DirectorySearcher()
search.Filter = String.Format("(cn={0})", strGroupName)
search.PropertiesToLoad.Ad d("member" )
result = search.FindOne()
resultColl = search.FindAll()
Dim userNames As ArrayList = New ArrayList()
Dim user1 As String
If (Not result Is Nothing) Then
For counter As Integer = 0 To result.Properties("member" ).Count - 1
user1 = ParseNameFromFullADName(re sult.Prope rties("mem ber")(coun ter).ToStr ing())
col.Add(user1, user1)
Next
End If
'''''''''''''''''''''''''' '''''''''' '''''
Group = GetObject("WinNT://" & strDomain & "/" & strGroupName & ",group")
For Each User In Group.Members
col.Add(User.Name)
Next
Dim dt As Data.DataTable = GetAllUsers()
Dim dv As New Data.DataView(dt)
dv.Sort = "EmpLogon"
Dim row As Integer
For i As Integer = 1 To col.Count
Select Case col(i).ToString().Trim().T oUpper()
Case "Group 1", "Group2", etc..., _ 'I use this to exlude users I do not want to show up
'Do nothing
Case Else
'Dim tempUser As New AdUser(col(i).ToString(), strDomain)
'SEarch the dt to find the user's name
row = dv.Find(col(i).ToString(). Trim())
If row >= 0 Then
If Not newCol.Contains(dv(row)("F ullName"). ToString() .Trim()) Then
newCol.Add(dv(row)("FullNa me").ToStr ing().Trim (), dv(row)("FullName").ToStri ng().Trim( ))
End If
Else
If Not newCol.Contains(col(i).ToS tring().Tr im()) Then
newCol.Add(col(i).ToString ().Trim(), col(i).ToString().Trim())
End If
End If
End Select
Next
Return SortCollection(newCol, "Name", True)
End Function
Function GetAllGroups(ByVal strDomain) As Collection
Dim Computer
Dim Group
Dim listOfGroups As String = ""
Dim col As Collection = New Collection
'Computer = GetObject("WinNT://" & strDomain)
'Dim filter As System.Object() = {"Group"}
'Computer.Filter = filter
Dim users As DirectoryEntry = GetEntry("CN=Users," + GetDomain())
Dim search As New DirectorySearcher(users)
search.Filter = "(objectClass=group)"
search.Sort.PropertyName = "cn"
For Each sResultSet As SearchResult In search.FindAll()
'For Each Group In Computer
Select Case GetProperty(sResultSet, "CN")
Case "Dial-In Users", "DnsUpdateProxy", "Domain Computers", "Domain Controllers", "Domain Guests", "Enterprise Admins", _
"Group Policy Creator Owners", "Schema Admins", "Account Operators", "Administrators", "Backup Operators", "Distributed COM Users", _
"Guests", "Incoming Forest Trust Builders", "Network Configuration Operators", _
"Performance Log Users", "Performance Monitor Users", "Pre-Windows 2000 Compatible Access", "Print Operators", _
"Remote Desktop Users", "Replicator", "Server Operators", "Terminal Server License Servers", "Users", _
"Windows Authorization Access Group", "Cert Publishers", "RAS and IAS Servers", _
"HelpServicesGroup", "TelnetClients", "DnsAdmins", "DHCP Users", "DHCP Administrators"
'Exclude groups that do not need to be seen"
'Do nothing
Case Else
col.Add(GetProperty(sResul
End Select
Next
Return col
End Function
Function GetAllUsersInGroup(ByVal strGroupName As String, ByVal strDomain As String) As Collection
Dim col As New Collection
Dim newCol As New Collection
Dim Group
Dim User
''''''''''''''''''''''''''
Dim result As SearchResult
Dim resultColl As SearchResultCollection
Dim search As DirectorySearcher = New DirectorySearcher()
search.Filter = String.Format("(cn={0})", strGroupName)
search.PropertiesToLoad.Ad
result = search.FindOne()
resultColl = search.FindAll()
Dim userNames As ArrayList = New ArrayList()
Dim user1 As String
If (Not result Is Nothing) Then
For counter As Integer = 0 To result.Properties("member"
user1 = ParseNameFromFullADName(re
col.Add(user1, user1)
Next
End If
''''''''''''''''''''''''''
Group = GetObject("WinNT://" & strDomain & "/" & strGroupName & ",group")
For Each User In Group.Members
col.Add(User.Name)
Next
Dim dt As Data.DataTable = GetAllUsers()
Dim dv As New Data.DataView(dt)
dv.Sort = "EmpLogon"
Dim row As Integer
For i As Integer = 1 To col.Count
Select Case col(i).ToString().Trim().T
Case "Group 1", "Group2", etc..., _ 'I use this to exlude users I do not want to show up
'Do nothing
Case Else
'Dim tempUser As New AdUser(col(i).ToString(), strDomain)
'SEarch the dt to find the user's name
row = dv.Find(col(i).ToString().
If row >= 0 Then
If Not newCol.Contains(dv(row)("F
newCol.Add(dv(row)("FullNa
End If
Else
If Not newCol.Contains(col(i).ToS
newCol.Add(col(i).ToString
End If
End If
End Select
Next
Return SortCollection(newCol, "Name", True)
End Function
ASKER
do you know why my exsisting code is only returning one entry?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ok great, I got that to work. FINALLY !!! Now, one more question. Can I get the user info like phone #, etc from that same query pointed at the groups or am I going to have to use the results returned (the user) to do another query and get all of their info?
Hope that made sense
Hope that made sense
You have to then use what is returned to get them individually. That is why I call the GetAllUsers() method. We only have 75 employees in our company, so this is feasible. It may not be if you have 100K.
But, the member property only gives you the name.
But, the member property only gives you the name.
ASKER
ok, that's what it looked like to me but I wanted to make sure. I can't thank you enough for the help. This was killing me.
Do you have access to Active directory to tell if this one returned user has a different default group as the others?