Summary:
I needed a good way to get the groups for an Active Directory user, but in VB.NET everything I saw was not quite what I needed or was in C#, so I looked at an article available on MSDN, which is in C#, and took out what I needed to get the groups for a certain user. There is one catch: it will not return anything if there is not a "memberOf" attribute for a user. It actually errors out. These are still valid users; they just are not in any other groups besides the "primary" group in AD, so in the catch you can catch this and put in some code to handle these users.
1. In IIS, go into Security and, instead of using the default IIS username and password, add a valid username and password.
2. Add a reference to System.DirectoryServices and, at the top of the codebehind, add "Imports System.DirectoryServices".

    Private Sub Page_Load(ByVal sender As System.Object, ByVal e _
        As System.EventArgs) Handles MyBase.Load
        Response.Write(GetGroups("LDAP://domainname", "username", "password"))
        'Returns String of: "Group1|Group2|Group3|"
    End Sub

    Private Function GetGroups(ByVal _path As String, ByVal _
        username As String, ByVal password As String) As String
        Dim GroupString As String = ""
        'Bind to the directory with the supplied credentials
        Dim myDE As New System.DirectoryServices.DirectoryEntry(_path, _
            username, password)
        Dim mySearcher As New DirectorySearcher(myDE)
        'username is concatenated into the filter as-is; escape LDAP filter
        'metacharacters first if it can come from user input
        mySearcher.Filter = "(sAMAccountName=" & username & ")"
        mySearcher.PropertiesToLoad.Add("memberOf")
        Dim propertyCount As Integer
        Try
            Dim myresult As SearchResult = mySearcher.FindOne()
            propertyCount = myresult.Properties("memberOf").Count
            Dim dn As String
            Dim equalsIndex, commaIndex As Integer
            For i As Integer = 0 To propertyCount - 1
                'Each value is a DN such as "CN=Group1,OU=...": keep the CN part
                dn = CStr(myresult.Properties("memberOf")(i))
                equalsIndex = dn.IndexOf("=", 1)
                commaIndex = dn.IndexOf(",", 1)
                If equalsIndex = -1 Then
                    Return Nothing
                End If
                GroupString += dn.Substring((equalsIndex + 1), _
                    (commaIndex - equalsIndex) - 1) & "|"
            Next
        Catch ex As Exception
            If ex.GetType Is GetType(System.NullReferenceException) Then
                Response.Write("does not have a group")
                'they are still a good user just does not
                'have a "memberOf" attribute so it errors out.
                'code to do something else here if you want
            Else
                Response.Write(ex.Message.ToString & ex.ToString)
            End If
        End Try
        Return GroupString
    End Function

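
A hardened take on the two string-handling steps in GetGroups, added here as an example and not part of the original article: escaping the username before it goes into the search filter (RFC 4515), and extracting group names from "memberOf" values so that an empty list yields an empty result instead of an exception. EscapeFilterValue, GroupNames and the sample DNs are hypothetical names and constructed data; the code runs without a directory.

```vbnet
Imports System
Imports System.Collections.Generic
Imports System.Text

Module GroupLookupHelpers
    ' Escape a value for use inside an LDAP search filter (RFC 4515), so that
    ' characters such as * ( ) \ in a username cannot change the filter's structure.
    Function EscapeFilterValue(ByVal value As String) As String
        Dim sb As New StringBuilder()
        For Each c As Char In value
            Select Case c
                Case "\"c : sb.Append("\5c")
                Case "*"c : sb.Append("\2a")
                Case "("c : sb.Append("\28")
                Case ")"c : sb.Append("\29")
                Case ControlChars.NullChar : sb.Append("\00")
                Case Else : sb.Append(c)
            End Select
        Next
        Return sb.ToString()
    End Function

    ' Return the first RDN value (the group's CN) of each memberOf DN.
    ' A missing or empty memberOf list yields an empty list, not an exception.
    Function GroupNames(ByVal memberOf As IEnumerable(Of String)) As List(Of String)
        Dim names As New List(Of String)
        If memberOf Is Nothing Then Return names
        For Each dn As String In memberOf
            Dim eq As Integer = dn.IndexOf("="c)
            If eq < 0 Then Continue For
            ' Stop at the first comma that is not escaped with a backslash.
            Dim i As Integer = eq + 1
            While i < dn.Length AndAlso dn(i) <> ","c
                If dn(i) = "\"c Then i += 1
                i += 1
            End While
            names.Add(dn.Substring(eq + 1, Math.Min(i, dn.Length) - eq - 1))
        Next
        Return names
    End Function

    Sub Main()
        ' Constructed sample input, not taken from a real directory.
        Console.WriteLine("(sAMAccountName=" & EscapeFilterValue("jdoe*)(cn=*") & ")")
        Dim sample As String() = {"CN=Web Admins,OU=Groups,DC=example,DC=com", "CN=Ops\, Tier 2,DC=example,DC=com"}
        Console.WriteLine(String.Join("|", GroupNames(sample).ToArray()))
        Console.WriteLine(GroupNames(Nothing).Count)
    End Sub
End Module
```
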
About the Author:
Charles Stratton has been programming since 1999 and enjoys staying on the edge of technology. His skills range from DNN to SharePoint to custom development. He is currently working in VB.NET and C#.NET web and software. KISS - Programmers work smarter not harder. Charles can be reached at stratcr@peoplepc.com.