ActiveDirectory - check if user is member of a group


Iain

All,

As per the subject, I have tried many examples, but none seem to work.

Simply, I need to check if the current user is a member of a certain
Active Directory group.

TIA
Iain
 
Mark said:
As per the subject, I have tried many examples, but none seem to work.

Simply, I need to check if the current user is a member of a certain
Active Directory group.

Firstly, you're in the wrong newsgroup. Please post ActiveDirectory
questions in the ActiveDirectory newsgroup: microsoft.public.adsi.general

However, the following function returns a List<string> of the groups
that a user belongs to:

using System.Collections.Generic;
using System.DirectoryServices;

// Returns the lower-cased distinguished names of the groups listed in the
// user's memberOf attribute. Note that memberOf holds direct memberships
// only: nested groups and the user's primary group are not included.
List<string> GetGroupsForUser(string pstrUser)
{
    List<string> lstGroups = new List<string>();
    // The constructor filter used to be overwritten by a later Filter
    // assignment, so both conditions are combined into one filter here.
    // pstrUser is inserted into the filter as-is; escape LDAP special
    // characters (RFC 4515) before passing in untrusted input.
    using (DirectorySearcher objDS = new DirectorySearcher(
        "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + pstrUser + "))"))
    {
        SearchResult objResult = objDS.FindOne();
        if (objResult == null)
        {
            // No such account: return an empty list instead of dereferencing null.
            return lstGroups;
        }
        using (DirectoryEntry objUser = objResult.GetDirectoryEntry())
        {
            PropertyValueCollection colPropertyValues = objUser.Properties["memberOf"];
            foreach (string strGroup in colPropertyValues)
            {
                lstGroups.Add(strGroup.ToLower());
            }
        }
    }
    return lstGroups;
}

Then, all you have to do is check whether the group you're interested in
is contained in the generic...

Alternatively, as AD is navigational, not relational, start with the
group and query AD for its members...

Sorry about the wrong newsgroup. This code works, but only from my local
machine; any other non-local connections return the error message:

"The specified domain either does not exist or could not be contacted."
 

Is it an ASP.NET application?
 
There was no mention of remote active directory in your original post...

http://www.codeproject.com/KB/system/everythingInAD.aspx and search for
"Target Specific Domain Controllers or Credentials"


Again, active directory questions will likely get a better and faster
response if you post them in the active directory newsgroup...

Sorry if my post was not very clear. The machines that I want to connect
via AD are all present within the same domain. The local machine hosting
IIS (essentially my dev box) can connect to and query AD, but connecting via
another machine (on the same domain) returns:

"The specified domain either does not exist or could not be contacted."

when trying to access my dev box.
 

This probably means that the ASP.NET account on the other machine may
not query AD. Try looking in the event log for more details.

You need to configure your application to run using Windows
Authentication (go to IIS). The authentication mode must be set to
"Windows" in the web.config file, with identity impersonate set to true.

To debug your application you can output the current account name to see
what the difference is between your dev box and the other machine:

Response.Write (User.Identity.Name);
 