Learn how to a build a cloud-first strategyRegister Now


Trying to remove a user from multiple security groups using VB.NET

Posted on 2008-11-11
Medium Priority
Last Modified: 2012-06-27
I'm trying to remove a user from multiple security groups using VB.NET. I can do it in vbs but .NET is killing me :o(
I know I have to find the user, enumerate what they have and then loop around each one removing them from the groups but I'm having no joy.
Looked around the web and can't quite put 2 and 2 together.

Would it be possible please for someone to throw together a brief bit of code that will:
1) Find one user in AD
2) List what groups they are in (if any)
3) Remove that user from those groups

I'm using Visual Studio 2008, got all my Imports ect and would appreciate this as I'm running out of time on a project.
Question by:stubar
LVL 41

Accepted Solution

graye earned 375 total points
ID: 22962336
Okey dokey...how's this for starters
'add a Refernce to "System.DirectoryServices"
Public Class Form1
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim ldap As String
        Dim obj As Object
        Dim entry, grp As System.DirectoryServices.DirectoryEntry
        Dim srch As System.DirectoryServices.DirectorySearcher
        Dim result As System.DirectoryServices.SearchResult
        ' Step 1... open AD
        ldap = "LDAP://" & DomainName.Text
        entry = New System.DirectoryServices.DirectoryEntry(ldap)
        srch = New DirectoryServices.DirectorySearcher(entry)
        ' Step 2... perform the search
        srch.Filter = "(&(&(objectClass=user)(objectCategory=person))(Name=" & UserName.Text & "))"
        result = srch.FindOne()
        ' a quick sanity check
        If IsNothing(result) Then
            MsgBox("Yikes, can't find that user!")
            Exit Sub
        End If
        ' Step 3... get the list of groups
        For Each obj In CType(result.GetDirectoryEntry.Invoke("Groups"), System.Collections.IEnumerable)
            ' cast it back to DirectoryEntry
            grp = New System.DirectoryServices.DirectoryEntry(obj)
            ' Step 4... remove the user from the group
    End Sub
End Class

Open in new window


Author Closing Comment

ID: 31515514
Apologies for the tardiness.
In the end I went with another option but as this solution fits the bill I am still awarding the points.
Thanks again.


Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enums (shorthand for ‘enumerations’) are not often used by programmers but they can be quite valuable when they are.  What are they? An Enum is just a type of variable like a string or an Integer, but in this case one that you create that contains…
This article describes some techniques which will make your VBA or Visual Basic Classic code easier to understand and maintain, whether by you, your replacement, or another Experts-Exchange expert.
Show developers how to use a criteria form to limit the data that appears on an Access report. It is a common requirement that users can specify the criteria for a report at runtime. The easiest way to accomplish this is using a criteria form that a…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…
Suggested Courses
Course of the Month21 days, 3 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question