Get user membership in Active Directory with C#, ASP.NEt

Posted on 2007-10-01
Last Modified: 2009-01-26
  I have a group set up in Active Directory. Only the member in this group can login to a website buit by C#.
To do this, I'd like know if the logined user is in this group. I know I can user Directory Services to find a user's active directory information. But how can I do with the group?

Many Thanks,

Question by:Jinghui Li
    LVL 4

    Accepted Solution

    I see 2 ways to do this...

    1) Use AD site membership and roles for this.. This way the same user name and password that they use in network is the same one as on the web site.  Then use role manager for setting up who can access the site.  I use AZMAN and link my AD Group with a WEb Role and control what Role has access via the web.config.  This will take a hour or 2 to set up but I beleve is worth it.. No having to set up two accounts.  Just add the person to the group and they have a account and access.

    Using the Membership Provider
    Using Role Manager.

    2)  If I understand right, you maybe setting up a account on your web site and just want to look for the group.
    the Group search is hard to read because of all the REM statements. and its in . But its generally as follows.

     string strUser;  
            Boolean binFlag;
           DirectoryEntry adsRoot = new DirectoryEntry("LDAP://OU=ADSI,DC=ent,DC=ds,DC=microsoft,DC=com");

            DirectorySearcher adsSearch = new DirectorySearcher(adsRoot);

            strUser = Page.User.Identity.Name;
            // Strip off domain name if it has it. Put in your own code to do it.
                adsSearch.Filter = "sAMAccountName=" & strUser;

                SearchResult oResult;
                binFlag = False;

                oResult = adsSearch.FindOne;
                foreach (string adsGrpcn in oResult.GetDirectoryEntry().Properties("memberof").Value)
                   if (adsGrpcn == "MyGroup")
                   {binFlag = true;}
           catch (Exception ex)
                Response.Write("I got the following error while trying to authenticate you: " + ex.Message);
            if (binFlag )
                Response.Write("You are authorized!");
                Response.Write("You are not authorized!");
    LVL 1

    Expert Comment

    Forced accept.

    EE Admin

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Suggested Solutions

    IntroductionWhile developing web applications, a single page might contain many regions and each region might contain many number of controls with the capability to perform  postback. Many times you might need to perform some action on an ASP.NET po…
    This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now