.Net 4.5 application: Unable to determine Active Directory Group membership for nested groups

I have an ASP.Net 4.5 application using integrated security.  I have no problem finding the groups the logged in user is directly a member off but am unable to return the groups they are a member of via nested group membership.  

The code below returns only user who are directly a member of the group:
var MyDomain = new PrincipalContext(ContextType.Domain, "MyDomain");
GroupPrincipal grp = GroupPrincipal.FindByIdentity(MyDomain, IdentityType.Name, "MyGroupName");

foreach (var p in grp.GetMembers(true))
	testing += p.Name + "<br>";

Open in new window


And this code returns only groups the user is directly a member of:

var MyDomain = new PrincipalContext(ContextType.Domain, "MyDomain");
UserPrincipal usr = UserPrincipal.FindByIdentity(MyDomain, Request.LogonUserIdentity.Name);

foreach (var p in usr.GetGroups())
	testing += "<br>" + p.Name;

Open in new window



How can I retrieve all the users associated with a given group or all the groups associated with a given user?

Ideally I want to ask "Is this user a member of this group" like the functionality the IsMemberOf() provides.  This is how I started this only to find that the method does not support nested groups either.
canuckconsultingAsked:
Who is Participating?
 
Ammar GaffarSoftware EngineerCommented:
Hi,
Try this function
 private bool IsUserInGroup(string groupName, string userName, string domainName)
        {
            bool toReturn = false;
           
                // set up domain context
                PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domainName);
                // find a user                
                UserPrincipal user = UserPrincipal.FindByIdentity(ctx, userName);

                // find the group in question
                GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, groupName);
                if (user != null)
                {
                    // check if user is member of that group
                    if (user.IsMemberOf(group))
                    {
                        toReturn = true;
                    }
                }
            
            return toReturn;
        }

Open in new window


I am using this dll: System.DirectoryServices.AccountManagement
Path: C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.5\System.DirectoryServices.AccountManagement.dll
0
 
canuckconsultingAuthor Commented:
Sorry for delay replying
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.