• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 348
  • Last Modified:

Selecting members of a group in AD with .Net

I have an LDAP query where I am trying to pull the names of users from a specific AD group.  It is pulling the group info and it shows me one user.  It doesn't seem to be enumerating through all of the users and I can't figure out why.  I tried changing my filter to user instead of group but then I don't get anything back.  Any idea why?

Here is the query that I am currently using:

  'Set up LDAP connection and search setting
        Dim AD As New DirectoryEntry("LDAP://CN=SelectedGroup,OU=groups,DC=My,DC=Domain,DC=Com ")
        Dim Searcher As New DirectorySearcher(AD)

        Searcher.Filter = ("(objectClass=group)")

        Searcher.PropertiesToLoad.Add("givenname")
        Searcher.PropertiesToLoad.Add("sn")
        Searcher.PropertiesToLoad.Add("member")
        Searcher.PropertiesToLoad.Add("memberof")
        Searcher.PropertiesToLoad.Add("sAMAccountName")

        Dim Results As SearchResultCollection
        Results = Searcher.FindAll()
        Dim result As SearchResult

        'Set up a data table to hold the info
        Dim myTable As New Data.DataTable("Results")
        Dim colName As String

        'iterate through each search property
        For Each colName In Searcher.PropertiesToLoad
            myTable.Columns.Add(colName, GetType(System.String))
        Next

        'add the results to the table
        For Each result In Results
            Dim dr As Data.DataRow = myTable.NewRow()

            For Each colName In Searcher.PropertiesToLoad

                If result.Properties.Contains(colName) Then
                    dr(colName) = result.Properties(colName)(0)
                End If
            Next
            myTable.Rows.Add(dr)
        Next
   
        'bind results to a gridview to easily manipulate look/feel of results
        Me.UserInfoGV.DataSource = myTable
        Me.UserInfoGV.DataBind()
0
scooter1977
Asked:
scooter1977
  • 7
  • 4
1 Solution
 
smcdrcCommented:
Is the group you are looking for their default group?  If so, it won't return their default group.

Do you have access to Active directory to tell if this one returned user has a different default group as the others?
0
 
scooter1977Author Commented:
no It's not the default group.  I went in and looked at the Users in AD and all members of that group are the same.  I was looking at my code again and I'm thinking that maybe I need to add another array to loop through the users????

0
 
scooter1977Author Commented:
This post here makes me think maybe I need to convert from a search result to a directory entry.  It's in C# though so I'm having some trouble following it.
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 
scooter1977Author Commented:
0
 
scooter1977Author Commented:
Someone, Anyone ???  
0
 
smcdrcCommented:
Here are some functions that work for me:
Function GetAllGroups(ByVal strDomain) As Collection
        Dim Computer
        Dim Group
        Dim listOfGroups As String = ""
        Dim col As Collection = New Collection


        'Computer = GetObject("WinNT://" & strDomain)
        'Dim filter As System.Object() = {"Group"}
        'Computer.Filter = filter

        Dim users As DirectoryEntry = GetEntry("CN=Users," + GetDomain())
        Dim search As New DirectorySearcher(users)
        search.Filter = "(objectClass=group)"
        search.Sort.PropertyName = "cn"
        For Each sResultSet As SearchResult In search.FindAll()


            'For Each Group In Computer
            Select Case GetProperty(sResultSet, "CN")
                Case "Dial-In Users", "DnsUpdateProxy", "Domain Computers", "Domain Controllers", "Domain Guests", "Enterprise Admins", _
                    "Group Policy Creator Owners", "Schema Admins", "Account Operators", "Administrators", "Backup Operators", "Distributed COM Users", _
                    "Guests", "Incoming Forest Trust Builders", "Network Configuration Operators", _
                    "Performance Log Users", "Performance Monitor Users", "Pre-Windows 2000 Compatible Access", "Print Operators", _
                    "Remote Desktop Users", "Replicator", "Server Operators", "Terminal Server License Servers", "Users", _
                    "Windows Authorization Access Group", "Cert Publishers", "RAS and IAS Servers", _
                    "HelpServicesGroup", "TelnetClients", "DnsAdmins", "DHCP Users", "DHCP Administrators"

                    'Exclude groups that do not need to be seen"
                    'Do nothing
                Case Else
                    col.Add(GetProperty(sResultSet, "CN"))
            End Select
        Next
        Return col
    End Function



Function GetAllUsersInGroup(ByVal strGroupName As String, ByVal strDomain As String) As Collection
        Dim col As New Collection
        Dim newCol As New Collection
        Dim Group
        Dim User

        '''''''''''''''''''''''''''''''''''''''''
        Dim result As SearchResult
        Dim resultColl As SearchResultCollection
        Dim search As DirectorySearcher = New DirectorySearcher()
        search.Filter = String.Format("(cn={0})", strGroupName)
        search.PropertiesToLoad.Add("member")
        result = search.FindOne()
        resultColl = search.FindAll()

        Dim userNames As ArrayList = New ArrayList()
        Dim user1 As String
        If (Not result Is Nothing) Then

            For counter As Integer = 0 To result.Properties("member").Count - 1
                user1 = ParseNameFromFullADName(result.Properties("member")(counter).ToString())
                col.Add(user1, user1)
            Next
        End If
        '''''''''''''''''''''''''''''''''''''''''

        Group = GetObject("WinNT://" & strDomain & "/" & strGroupName & ",group")
        For Each User In Group.Members
            col.Add(User.Name)
        Next
        Dim dt As Data.DataTable = GetAllUsers()

        Dim dv As New Data.DataView(dt)
        dv.Sort = "EmpLogon"
        Dim row As Integer
        For i As Integer = 1 To col.Count
            Select Case col(i).ToString().Trim().ToUpper()
                Case "Group 1",  "Group2", etc..., _ 'I use this to exlude users I do not want to show up
                    'Do nothing
                Case Else
                    'Dim tempUser As New AdUser(col(i).ToString(), strDomain)
                    'SEarch the dt to find the user's name
                    row = dv.Find(col(i).ToString().Trim())
                    If row >= 0 Then
                        If Not newCol.Contains(dv(row)("FullName").ToString().Trim()) Then
                            newCol.Add(dv(row)("FullName").ToString().Trim(), dv(row)("FullName").ToString().Trim())
                        End If
                    Else
                        If Not newCol.Contains(col(i).ToString().Trim()) Then
                            newCol.Add(col(i).ToString().Trim(), col(i).ToString().Trim())
                        End If
                    End If

            End Select

        Next
        Return SortCollection(newCol, "Name", True)
    End Function
0
 
scooter1977Author Commented:
do you know why my exsisting code is only returning one entry?
0
 
smcdrcCommented:
The member property is actually a set of individuals.  You need to loop through the set like this.  I believe that if you do not loop through it, you just get the first one.


Dim User
Group = GetObject("WinNT://" & strDomain & "/" & strGroupName & ",group")
        For Each User In Group.Members
            CollectionOfUsers.Add(User.Name)
        Next
0
 
scooter1977Author Commented:
ok great,  I got that to work.  FINALLY !!!  Now, one more question.  Can I get the user info like phone #, etc from that same query pointed at the groups or am I going to have to use the results returned (the user) to do another query and get all of their info?

Hope that made sense
0
 
smcdrcCommented:
You have to then use what is returned to get them individually.  That is why I call the GetAllUsers() method.  We only have 75 employees in our company, so this is feasible.  It may not be if you have 100K.

But, the member property only gives you the name.
0
 
scooter1977Author Commented:
ok, that's what it looked like to me but I wanted to make sure.  I can't thank you enough for the help.  This was killing me.
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

  • 7
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now