Solved

Getting users against LDAP group

Posted on 2009-04-14
Last Modified: 2012-08-14
I am trying to get the users of an LDAP group, but the users are not being retrieved. I am posting the code; please look into it.

Public Function GetUsersForGroup() As ArrayList

        Dim userNames As New ArrayList
        Dim username = "******"
        Dim pwd = "******"

        Dim strLDAPPath As String
        strLDAPPath = "LDAP://domain name"

        Dim de As New DirectoryServices.DirectoryEntry(strLDAPPath) '<---make sure to change to your ad connstring
        de.Username = username
        de.Password = pwd '<--- domain account password
        de.AuthenticationType = DirectoryServices.AuthenticationTypes.None

        Dim deSearch As New DirectoryServices.DirectorySearcher(de)
        Dim groupname As String = "groupname" '<---group you wish to load

        deSearch.Filter = "(&(objectClass=group)(cn=" + groupname + "))"

        Dim results As DirectoryServices.SearchResultCollection = deSearch.FindAll()
        Dim result As DirectoryServices.SearchResult

        If (results.Count > 0) Then
            For Each result In results
                For Each member As String In result.Properties("member")
                    userNames.Add(member)
                Next
            Next
        End If

        Return userNames

    End Function

Please check and give me feedback.

Thanks
0
Question by:farjack1
24 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24178460

Hey,

Have you confirmed that the search is returning the group correctly?

Chris
0
 

Author Comment

by:farjack1
ID: 24179174
No, not exactly. Basically, groups are being retrieved, but not the ones we require; those are others. We have checked with the LDAP guys and they confirmed the groups are on LDAP. The code for retrieving groups against a user is below. I don't know where the problem is in the code.

Public Function GetUserGroups(ByVal UserName As String, ByVal Password As String, ByVal Environment As String) As List(Of String)

        Dim i As Integer
        Dim lineArray As Object
        Dim m_GroupList As New List(Of String)
     
        Dim entry As DirectoryEntry = New DirectoryEntry(strPathofLDAP)
        entry.AuthenticationType = AuthenticationTypes.None
        entry.Username = "uid=" & UserName & ",ou=people,dc=abc,dc=com"
        entry.Password = Password

        Dim search As DirectorySearcher = New DirectorySearcher(entry)
        Dim _filterAttribute = getUserName(UserName)

        search.Filter = "(cn=" & _filterAttribute & ")"

        search.PropertiesToLoad.Add("memberOf")

        Dim groupNames As New System.Text.StringBuilder()

        Try
            Dim result As SearchResult = search.FindOne()
            Dim propertyCount As Integer = result.Properties("memberOf").Count()
            Dim dn As String
            Dim equalsIndex, commaIndex As Integer
            Dim propertyCounter As Integer

            For propertyCounter = 0 To propertyCount - 1

                dn = result.Properties("memberOf")(propertyCounter)
                equalsIndex = dn.IndexOf("=", 1)
                commaIndex = dn.IndexOf(",", 1)

                If (-1 = equalsIndex) Then
                    groupNames.Append(dn)
                Else
                    groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex - equalsIndex) - 1))
                    groupNames.Append("|")
                End If

            Next propertyCounter

        Catch ex As Exception
            Throw New Exception("Error obtaining group names. " + ex.Message)
        Finally
            'entry.Dispose()
            'entry = Nothing
            search = Nothing
        End Try

        'Splitting group names into lineArray
        lineArray = Split(groupNames.ToString(), "|")

        'loop through on array and add in list
        For i = 0 To UBound(lineArray) - 1
            m_GroupList.Add(UCase(lineArray(i)))
        Next

        Return m_GroupList

    End Function
0
 

Author Comment

by:farjack1
ID: 24184922
Hey Chris, can you please respond?
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24185171

Sorry... quite busy.

This won't work against Active Directory:

        entry.Username = "uid=" & UserName & ",ou=people,dc=abc,dc=com"

You will find you won't be able to bind using UID=. Instead it would be:

        entry.Username = "CN=Users Name,OU=people,DC=abc,DC=com"

That makes getUserName a bit pointless as you already have the portion it retrieves as "Users Name".

Chris
0
 

Author Comment

by:farjack1
ID: 24185475
If I define it like this:

entry.Username = "CN=" & UserName & ",ou=people,dc=abc,dc=com"

it gives me an error, as I am defining CN in the filter.

Please suggest as per my code above.

0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24185685

Is it giving you an invalid username and password error? That exception isn't handled by the Try / Catch above.

Chris
0
 

Author Comment

by:farjack1
ID: 24185776
Now I have handled the exception like this. Basically, if I put this line

entry.Username = "CN=" & UserName & ",ou=people,dc=ssga,dc=com"

the LDAP server says wrong uid and password.

 Try
            Dim entry As DirectoryEntry = New DirectoryEntry(strPath)
            entry.AuthenticationType = AuthenticationTypes.None
            entry.Username = "CN=" & UserName & ",ou=people,dc=ssga,dc=com"
            entry.Password = Password
            search = New DirectorySearcher(entry)

            search.Filter = "(cn=" & _filterAttribute & ")"
            search.PropertiesToLoad.Add("memberOf")
            result = search.FindOne()

            propertyCount = result.Properties("memberOf").Count()

        Catch ex As Exception
        End Try

But I still have the error "object reference not set".
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24185923

When you say "UserName" do you mean the "name" attribute or sAMAccountName (user logon name)? The latter will not work, it must be the name of the object as it appears in the directory (AD Users and Computers, ADSIEdit, etc).

Chris
0
 

Author Comment

by:farjack1
ID: 24186017
UserName means the userid of the AD user; it's not sAMAccountName.

When I put

entry.Username = "uid=" & UserName & ",ou=people,dc=abc,dc=com"

it connects to LDAP and works, but groups are not retrieved against

search.Filter = "(cn=" & _filterAttribute & ")"
search.PropertiesToLoad.Add("memberOf")
result = search.FindOne()
0
 

Author Comment

by:farjack1
ID: 24186897
I am sorry Chris, I am bothering you again, but now it has become urgent.
0
 

Author Comment

by:farjack1
ID: 24188946
Chris, I am still waiting for your response.
0
 

Author Comment

by:farjack1
ID: 24193781
Hi Chris, can you please respond?
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24204640

Hey,

Sorry for the late reply.

I think you should test the Directory Entry you've created. After all, if the DirectoryEntry fails then the search will fail (as the DE is used as the search base).

As a minimum the Directory Entry should have name and distinguishedName attributes which can be tested.

Chris
0
 

Author Comment

by:farjack1
ID: 24204714
Can you send me a code example?

Thanks
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24204892

This should be good enough:

Dim entry As DirectoryEntry = New DirectoryEntry(strPath)
entry.AuthenticationType = AuthenticationTypes.None
entry.Username = "CN=" & UserName & ",ou=people,dc=ssga,dc=com"
entry.Password = Password

Label1.Text = entry.Properties("distinguishedName").Item(0).ToString()

Obviously you should replace Label1.Text with something else that will help you see the value there.

Chris
0
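The check described above (test the DirectoryEntry before searching), combined with a guard for FindOne returning Nothing and RFC 4515 escaping of the filter value, as an added example that is not code from the thread. GetGroupDns, EscapeFilterValue and all parameter names are hypothetical; the escaping step goes beyond what the thread discusses.

```vb
Imports System
Imports System.Collections.Generic
Imports System.DirectoryServices
Imports System.Runtime.InteropServices

Public Module LdapGroupLookup
    ' Escape a value before placing it in an LDAP search filter (RFC 4515),
    ' so characters such as * ( ) \ in a user name cannot alter the filter.
    Public Function EscapeFilterValue(ByVal value As String) As String
        Dim sb As New System.Text.StringBuilder()
        For Each c As Char In value
            Select Case c
                Case "\"c : sb.Append("\5c")
                Case "*"c : sb.Append("\2a")
                Case "("c : sb.Append("\28")
                Case ")"c : sb.Append("\29")
                Case ChrW(0) : sb.Append("\00")
                Case Else : sb.Append(c)
            End Select
        Next
        Return sb.ToString()
    End Function

    ' Hypothetical helper: searchBase is the LDAP:// path, bindDn the full DN used to bind.
    ' AuthenticationTypes.None with credentials is a simple bind, as in the thread's code;
    ' without SSL/TLS on the connection the password is sent unencrypted.
    Public Function GetGroupDns(ByVal searchBase As String, ByVal bindDn As String, ByVal password As String,
                                ByVal filterAttribute As String, ByVal userId As String) As List(Of String)
        Dim groups As New List(Of String)
        Using entry As New DirectoryEntry(searchBase, bindDn, password, AuthenticationTypes.None)
            Try
                Dim bound As Object = entry.NativeObject ' forces the bind now, before any search
            Catch ex As COMException
                Throw New InvalidOperationException("Bind to " & searchBase & " failed: " & ex.Message, ex)
            End Try
            Using search As New DirectorySearcher(entry)
                search.Filter = "(" & filterAttribute & "=" & EscapeFilterValue(userId) & ")"
                search.PropertiesToLoad.Add("memberOf")
                Dim result As SearchResult = search.FindOne()
                If result Is Nothing Then ' no match: avoids "object reference not set"
                    Throw New InvalidOperationException("No entry matches " & search.Filter)
                End If
                If result.Properties.Contains("memberOf") Then
                    For Each dn As Object In result.Properties("memberOf")
                        groups.Add(dn.ToString())
                    Next
                End If
            End Using
        End Using
        Return groups
    End Function
End Module
```

A bind failure and an empty search result surface as two distinct exceptions here, which separates wrong credentials or path from a filter that matches nothing.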
 

Author Comment

by:farjack1
ID: 24205189
This is giving me an error:

'entry.Properties' is not declared or the module containing it is not loaded in the debugging session.
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24205236

Rather suggests that the DirectoryEntry failed. What value is being used in strPath?

Chris
0
 

Author Comment

by:farjack1
ID: 24205357
Yes, DirectoryEntry is failing, and the LDAP path, that is strPath, is correct:

LDAP://path/ou=people,dc=abc,dc=com
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24205438

Okay, so either the user name and password used in the authentication string are incorrect, or the server / path are incorrect. Both of those should provide you with distinct error messages, but you don't get any?

Chris
0
 

Author Comment

by:farjack1
ID: 24205868
Chris, today I will test this and will respond to you.

Thanks
0
 

Accepted Solution

by:
farjack1 earned 0 total points
ID: 24221326
Thanks Chris, I solved it by myself.
0
