Global Group Info in Domain Local Group AD Query Help

  • Thread starter Thread starter xenophon
  • Start date Start date
X

xenophon

I am enumerating a Domain Local Group. It contains local users as well
as Global Groups from other domains. When checking membership of the
group, I get a DirectoryEntry with the following Path property:

"LDAP://testdc.test.coml/CN=S-1-5-21-1973115903-1958036494-624655392-6671,CN=ForeignSecurityPrincipals,DC=test,DC=com"

I know that is a remote domain Global Group, but I need to get more
information on it so I can query that other domain and group. How can
I do that? I need to get the remote domain name and group name.
 
Dear Customer,

From you description, I understand that you want to get a DirectoryEntry's
domain name and its group name.
If I misunderstood, please feel free to let me know.

Based on my research, we need to parse the Path property to get the domain
name and use the Name Property to get the group name.

Here is the code snippet for your reference.
private void button1_Click(object sender, EventArgs e)
{
//You need to change the LDAP path according to your scenario.
DirectoryEntry de = new
DirectoryEntry("LDAP://CN=Group1,DC=Test,DC=com");
MessageBox.Show(de.Name);
Regex rg = new Regex(@"DC=(\w+)");
string dn="";
foreach( Match m in rg.Matches(de.Path))
dn += m.Groups[1].Value+".";
MessageBox.Show(dn);
}

You may have a try and let me know the result.
If you still have any concern, please feel free to let me know.
I look forward to hearing from you.

Best regards,

Peter Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
 
You have misunderstood me completely. I do not need a Regular
Expression to
get the DC name. I know the DC name. I need to understand how to look
up
an entity in AD based on the GUID. In the below string:


"LDAP://testdc.test.coml/CN=S-1-5-21-1973115903-1958036494-624655392-6671,CN=ForeignSecurityPrincipals,DC=test,DC=com"

I need to know what "CN=S-1-5-21-1973115903-1958036494-624655392-6671"
is!



-----------------------------


Dear Customer,

From you description, I understand that you want to get a
DirectoryEntry's
domain name and its group name.
If I misunderstood, please feel free to let me know.
.....
 
Hi

I am not familar with AD.
Based on my understanding, you have tried to use Name property and you will
get a string like "S-1-5-21-1973115903-1958036494-624655392-6671" i
However based on my knowledge, the reason why we will get a Name of the
pattern of "S-1-5-21-1973115903-1958036494-624655392-6671" is because the
DNS, AD replication or name parse is not working correctly between the
Domains.

So I think you need to contact your AD administrator to check the DNS AD
configuration.
Or you may try to post in the AD newsgroup about how to well configurate
the AD.
e.g.
microsoft.public.win2000.active_directory
or
microsoft.public.windows.server.active_directory
Thanks for your understanding!
If you still have any other concern, please feel free to post here.



Best regards,

Peter Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
 
Back
Top