• Status: Solved

Getting users against LDAP group

I am trying to get LDAP group users, but the users are not being retrieved. I am posting the code; please look into it.

Public Function GetUsersForGroup() As ArrayList

        Dim userNames As New ArrayList
        Dim username = "******"
        Dim pwd = "******"

        Dim strLDAPPath As String
        strLDAPPath = "LDAP://domain name"

        Dim de As New DirectoryServices.DirectoryEntry(strLDAPPath) '<---make sure to change to your ad connstring
        de.Username = username
        de.Password = pwd '<--- domain account password
        de.AuthenticationType = DirectoryServices.AuthenticationTypes.None

        Dim deSearch As New DirectoryServices.DirectorySearcher(de)
        Dim groupname As String = "groupname" '<---group you wish to load

        deSearch.Filter = "(&(objectClass=group)(cn=" + groupname + "))"

        Dim results As DirectoryServices.SearchResultCollection = deSearch.FindAll()
        Dim result As DirectoryServices.SearchResult

        If (results.Count > 0) Then
            For Each result In results
                For Each member As String In result.Properties("member")
                    userNames.Add(member)
                Next
            Next
        End If

        Return userNames

    End Function

Please check and give me feedback.

Thanks

Asked: farjack1

1 Solution
 
Chris Dent (PowerShell Developer) Commented:

Hey,

Have you confirmed that the search is returning the group correctly?

Chris
 
farjack1 (Author) Commented:
No, not exactly. Basically, groups are being retrieved, but not the ones we require; those are others. We have checked with the LDAP guys and they confirmed the groups are on LDAP. The code for retrieving groups against a user is below. I don't know where the problem is in the code.

Public Function GetUserGroups(ByVal UserName As String, ByVal Password As String, ByVal Environment As String) As List(Of String)

        Dim i As Integer
        Dim lineArray As Object
        Dim m_GroupList As New List(Of String)
     
        Dim entry As DirectoryEntry = New DirectoryEntry(strPathofLDAP)
        entry.AuthenticationType = AuthenticationTypes.None
        entry.Username = "uid=" & UserName & ",ou=people,dc=abc,dc=com"
        entry.Password = Password

        Dim search As DirectorySearcher = New DirectorySearcher(entry)
        Dim _filterAttribute = getUserName(UserName)

        search.Filter = "(cn=" & _filterAttribute & ")"

        search.PropertiesToLoad.Add("memberOf")

        Dim groupNames As New System.Text.StringBuilder()

        Try
            Dim result As SearchResult = search.FindOne()
            Dim propertyCount As Integer = result.Properties("memberOf").Count()
            Dim dn As String
            Dim equalsIndex, commaIndex As Integer
            Dim propertyCounter As Integer

            For propertyCounter = 0 To propertyCount - 1

                dn = result.Properties("memberOf")(propertyCounter)
                equalsIndex = dn.IndexOf("=", 1)
                commaIndex = dn.IndexOf(",", 1)

                If (-1 = equalsIndex) Then
                    groupNames.Append(dn)
                Else
                    groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex - equalsIndex) - 1))
                    groupNames.Append("|")
                End If

            Next propertyCounter

        Catch ex As Exception
            Throw New Exception("Error obtaining group names. " + ex.Message)
        Finally
            'entry.Dispose()
            'entry = Nothing
            search = Nothing
        End Try

        'Splitting group names into lineArray
        lineArray = Split(groupNames.ToString(), "|")

        'Loop through the array and add each name to the list
        For i = 0 To UBound(lineArray) - 1
            m_GroupList.Add(UCase(lineArray(i)))
        Next

        Return m_GroupList

    End Function
 
farjack1 (Author) Commented:
Hey Chris, can you please respond?
 
Chris Dent (PowerShell Developer) Commented:

Sorry... quite busy.

This won't work against Active Directory:

        entry.Username = "uid=" & UserName & ",ou=people,dc=abc,dc=com"

You will find you won't be able to bind using UID=. Instead it would be:

        entry.Username = "CN=Users Name,OU=people,DC=abc,DC=com"

That makes getUserName a bit pointless as you already have the portion it retrieves as "Users Name".

Chris
 
farjack1 (Author) Commented:
If I define it like this:

entry.Username = "CN=" & UserName & ",ou=people,dc=abc,dc=com"

it gives me an error, as I am defining CN in the filter.

Please suggest as per my code above.
 
Chris Dent (PowerShell Developer) Commented:

Is it giving you an invalid username and password error? That exception isn't handled by the Try / Catch above.

Chris
 
farjack1 (Author) Commented:
Now I have handled the exception like this. Basically, if I put this line

entry.Username = "CN=" & UserName & ",ou=people,dc=ssga,dc=com"

the LDAP server says wrong uid and pass.

 Try
            Dim entry As DirectoryEntry = New DirectoryEntry(strPath)
            entry.AuthenticationType = AuthenticationTypes.None
            entry.Username = "CN=" & UserName & ",ou=people,dc=ssga,dc=com"
            entry.Password = Password
            search = New DirectorySearcher(entry)

            search.Filter = "(cn=" & _filterAttribute & ")"
            search.PropertiesToLoad.Add("memberOf")
            result = search.FindOne()

            propertyCount = result.Properties("memberOf").Count()

        Catch ex As Exception
        End Try

But I still have the error "object reference not set".
 
Chris Dent (PowerShell Developer) Commented:

When you say "UserName" do you mean the "name" attribute or sAMAccountName (user logon name)? The latter will not work, it must be the name of the object as it appears in the directory (AD Users and Computers, ADSIEdit, etc).

Chris
 
farjack1 (Author) Commented:
UserName means the userid of the AD user; it's not sAMAccountName.

When I put

entry.Username = "uid=" & UserName & ",ou=people,dc=abc,dc=com"

it connects to LDAP and works, but groups are not being retrieved against

search.Filter = "(cn=" & _filterAttribute & ")"
search.PropertiesToLoad.Add("memberOf")
result = search.FindOne()
 
farjack1 (Author) Commented:
I am sorry, Chris, I am bothering you again, but now it has become urgent.
 
farjack1 (Author) Commented:
Chris, I am still waiting for your response.
 
farjack1 (Author) Commented:
Hi Chris, can you please respond?
 
Chris Dent (PowerShell Developer) Commented:

Hey,

Sorry for the late reply.

I think you should test the Directory Entry you've created. After all, if the DirectoryEntry fails then the search will fail (as the DE is used as the search base).

As a minimum the Directory Entry should have name and distinguishedName attributes which can be tested.

Chris
 
farjack1 (Author) Commented:
Can you send me a code example?

Thanks
 
Chris Dent (PowerShell Developer) Commented:

This should be good enough:

Dim entry As DirectoryEntry = New DirectoryEntry(strPath)
entry.AuthenticationType = AuthenticationTypes.None
entry.Username = "CN=" & UserName & ",ou=people,dc=ssga,dc=com"
entry.Password = Password

Label1.Text = entry.Properties("distinguishedName").Item(0).ToString()

Obviously you should replace Label1.Text with something else that will help you see the value there.

Chris
 
farjack1 (Author) Commented:
This is giving me an error:

'entry.Properties' is not declared or the module containing it is not loaded in the debugging session.
 
Chris Dent (PowerShell Developer) Commented:

Rather suggests that the DirectoryEntry failed. What value is being used in strPath?

Chris
 
farjack1 (Author) Commented:
Yes, DirectoryEntry is failing, and the LDAP path, that is strPath, is correct:

LDAP://path/ou=people,dc=abc,dc=com
 
Chris Dent (PowerShell Developer) Commented:

Okay, so either the user name and password used in the authentication string are incorrect, or the server / path are incorrect. Both of those should provide you with distinct error messages, but you don't get any?

Chris
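
Added example, not code from the thread participants: one way to run the check discussed above, forcing the bind before searching and reporting the bind, connectivity and no-match cases separately rather than through an empty Catch. DiagnoseLookup, the host name and the account values are hypothetical placeholders; the two HRESULT values are the Windows codes for logon failure and server down.

```vbnet
Imports System
Imports System.DirectoryServices
Imports System.Runtime.InteropServices

Module LdapBindCheck
    ' Hypothetical helper: binds with the given credentials, then looks up one entry.
    ' Returns a short diagnosis string instead of swallowing the exception.
    Public Function DiagnoseLookup(ByVal path As String, ByVal bindDn As String, ByVal password As String,
                                   ByVal filter As String, ByVal authType As AuthenticationTypes) As String
        Try
            Using entry As New DirectoryEntry(path, bindDn, password, authType)
                ' Reading NativeObject forces the bind now, so a bad DN or password
                ' fails here and not later inside the search.
                Dim bound As Object = entry.NativeObject
                Using search As New DirectorySearcher(entry, filter)
                    search.PropertiesToLoad.Add("memberOf")
                    Dim result As SearchResult = search.FindOne()
                    ' FindOne returns Nothing when no entry matches; dereferencing it
                    ' is what raises "Object reference not set".
                    If result Is Nothing Then Return "Bind OK, but no entry matches " & filter
                    Return "Bind OK, memberOf values: " & result.Properties("memberOf").Count.ToString()
                End Using
            End Using
        Catch ex As COMException
            Select Case ex.ErrorCode
                Case &H8007052E : Return "Bind rejected: wrong DN or password"
                Case &H8007203A : Return "Server not reachable: check host, port and path"
                Case Else : Return "LDAP error 0x" & ex.ErrorCode.ToString("X8") & ": " & ex.Message
            End Select
        End Try
    End Function

    Sub Main()
        ' Placeholder server, bind DN, password and filter; replace with your own.
        ' AuthenticationTypes.None is a simple bind, which sends the password unencrypted;
        ' SecureSocketsLayer requires the server to accept LDAP over SSL.
        Console.WriteLine(DiagnoseLookup("LDAP://ldap.example.com/ou=people,dc=example,dc=com",
                                         "uid=jdoe,ou=people,dc=example,dc=com",
                                         "placeholder-password", "(uid=jdoe)",
                                         AuthenticationTypes.SecureSocketsLayer))
    End Sub
End Module
```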
 
farjack1 (Author) Commented:
Chris, today I will test this and will respond to you.

Thanks
 
farjack1 (Author) Commented:
Thanks Chris, I solved it by myself.