How can I view the groups a username is a member of in Active Directory using LDAP,C#

How can I view the groups a username is a member of in Active Directory?  

Here is something that I have thus far, and I'm able to connect, however I don't
have the slightest clue what some of the things in the queryFormat means.

Example, what is cn or gn?

Is there a simple way for a developer that does not know anything about LDAP to just
pass a username and get back their groups?

I'm using C#.

DirectoryEntry rootEntry = new DirectoryEntry("LDAP://test.mycompany:389");
rootEntry.AuthenticationType = AuthenticationTypes.None;
DirectorySearcher searcher = new DirectorySearcher(rootEntry);
var queryFormat = "(&(objectClass=user)(objectCategory=person)(|(SAMAccountName=*{0}*)(cn=*{0}*)(gn=*{0}*)(sn=*{0}*)(email=*{0}*)))";
silentthread2kSenior Software EngineerAsked:
Who is Participating?
Shaun VermaakTechnical Specialist/DeveloperCommented:
Rather use System.DirectoryServices.AccountManagement
// set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "DOMAINNAME");

// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, "SomeUserName");

// find the group in question
GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, "YourGroupNameHere");

if(user != null)
   // check if user is member of that group
   if (user.IsMemberOf(group))
     // do something.....

Open in new window
silentthread2kSenior Software EngineerAuthor Commented:
Thank you
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.