C# get groups that a user is a member of in Active Directory

c# active-directory
13,509

You should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:

Basically, you can define a domain context and easily find users and/or groups in AD:

// set up domain context
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
    // find a user
    UserPrincipal user = UserPrincipal.FindByIdentity(ctx, "SomeUserName");

    if(user != null)
    {
       // get the user's groups
       var groups = user.GetAuthorizationGroups();

       foreach(GroupPrincipal group in groups)
       {
           // do whatever you need to do with those groups
       }
    }

}

The new S.DS.AM makes it really easy to play around with users and groups in AD!

Share:
13,509
msindle
Author by

msindle

Updated on June 29, 2022

Comments

  • msindle
    msindle almost 2 years

    I'm not a programmer by nature so I apologize in advance :) I'm using the code snippets from http://www.codeproject.com/Articles/18102/Howto-Almost-Everything-In-Active-Directory-via-C#39 and it has been really helpful. I'm using his method for getting user group memberships and it requires his AttributeValuesMultiString method as well. I don't have any syntax errors but when I call the Groups method via Groups("username", true) I get the following error:

    An unhandled exception of type 'System.Runtime.InteropServices.COMException' occurred in System.DirectoryServices.dll

    I have done some digging but nothing seems to really answer why I'm getting this error.

  • Joe
    Joe over 9 years
    I agree S.DS.AM is simpler - when it works. But be aware that it has bugs that Microsoft seems unable / unwilling to fix: connect.microsoft.com/VisualStudio/feedbackdetail/view/74879‌​0/…
  • Cody
    Cody over 8 years
    I always come back to having inconsistent issues with the AccountManagement DLL. It's a nightmare.
  • JsonStatham
    JsonStatham about 5 years
    @marc-s What if you want the groups that ARE NOT authorisation groups
  • Shruti
    Shruti almost 5 years
    @JsonStatham: On the user object, there is another function called user.GetGroups(). Maybe thats what you were looking for.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

DirectoryEntry to change password: Different behavior between Vista/Server2008
How to retrieve DirectoryEntry from a DirectoryEntry and a DN
I want to set "Password Must Change at Next Login" flag
Office 365 REST API calls from a .net console application
Retrieving User Account Expiration from ActiveDirectory
C# / ASP.NET / AD - "The specified directory service attribute or value does not exist."
How to retrieve login name of a user from Active Directory?
Query Active directory to get the email property of a distinguished name directly?
C# PrincipalSearcher, returning AD groups for specific OU
Query Active Directory from ASP.NET and bind result to List View