Search for a group in Active Directory and return members by usernames

EDN Admin

Right now I have a function that gets information from an Active Directory security group. The code uses a direct path of the security group. Then it returns a string of information that I compare to validate. One issue is, I am using a direct path and there may be an instance where the group gets moved. If I have the group name, is there any way I can just search against the root of the domain controller and step down through the OUs to find it? Would this be a long task? Also, is there any way to retrieve a list of users in the group by user name so I can just compare it to the user that is currently logged in?
Below is my code... It works as long as the direct path doesn't change. I am looking to make it more dynamic. Any help would be greatly appreciated. This is .NET 2.0.

[code]
Imports System.DirectoryServices
Imports System.Text
Imports System.Web

Public Class LDAP

    Public Function isInGroup(ByVal _GroupName As String, Optional ByVal _DCServerName As String = "abcdc02.abc.123.com", Optional ByVal _OUPath As String = "Miscellaneous/Application Groups/Domain Groups") As Boolean
        Try
            Dim _UserName As String = HttpContext.Current.User.Identity.Name.ToString()

            ' Fast path: the group is already in the user's role list.
            If HttpContext.Current.User.IsInRole(_GroupName) Then
                Return True
            Else
                ' Identity.Name is DOMAIN\user; split it on the backslash.
                Dim _UserAD As String() = _UserName.Split("\"c)

                If _UserAD.Length = 2 Then
                    Dim _UserSearchResult As SearchResult

                    ' Look up the user's directory entry by sAMAccountName.
                    Using _UserDirectoryEntry As New DirectoryEntry(String.Format("LDAP://{0}.uss.com", _UserAD(0)))
                        Using _UserDirectorySearcher As New DirectorySearcher(_UserDirectoryEntry)
                            _UserDirectorySearcher.Filter = String.Format("(sAMAccountName={0})", _UserAD(1))
                            _UserSearchResult = _UserDirectorySearcher.FindOne()
                        End Using
                    End Using

                    ' Build the fixed LDAP path: server, then the OUs, then the DC components.
                    Dim _DirectoryString As New StringBuilder
                    Dim _OUs As String() = _OUPath.Split("/")
                    Dim _DC As String() = _DCServerName.Split(".")

                    _DirectoryString.Append(String.Format("LDAP://{0}", _DCServerName))

                    If (Right(_DCServerName, 1) = "/") = False Then
                        _DirectoryString.Append("/")
                    End If

                    For Each _OU As String In _OUs
                        _DirectoryString.Append("ou=")
                        _DirectoryString.Append(_OU)
                        _DirectoryString.Append(",")
                    Next

                    ' Skip element 0 (the host name); the remaining labels become dc= components.
                    For i As Integer = 1 To (_DC.Length - 2)
                        _DirectoryString.Append("dc=")
                        _DirectoryString.Append(_DC(i))
                        _DirectoryString.Append(",")
                    Next

                    _DirectoryString.Append("dc=")
                    _DirectoryString.Append(_DC(_DC.Length - 1))

                    Dim _DirectoryEntry As DirectoryEntry = New DirectoryEntry(_DirectoryString.ToString())
                    Dim _DirectorySearcher As DirectorySearcher = New DirectorySearcher(_DirectoryEntry)

                    _DirectorySearcher.SearchScope = SearchScope.Subtree

                    Dim _SearchStringGroup As String = String.Format("(&(objectCategory=group)(sAMAccountName={0}))", _GroupName)

                    _DirectorySearcher.Filter = _SearchStringGroup.ToString()
                    _DirectorySearcher.PropertiesToLoad.Add("distinguishedname")

                    ' Compare each member DN of the group with the user's DN
                    ' (the last segment of the user's search result path).
                    For Each _SecurityGroup As SearchResult In _DirectorySearcher.FindAll()
                        Dim _UserData As String() = _UserSearchResult.Path.ToString().Split("/")
                        Dim _Entry As DirectoryEntry = _SecurityGroup.GetDirectoryEntry()
                        For Each _Member As String In _Entry.Properties("member")
                            If _Member = _UserData(_UserData.Length - 1) Then
                                Return True
                            End If
                        Next
                    Next

                    Return False
                Else
                    Return False
                End If
            End If
        Catch ex As Exception
            ' Any directory error is treated as "not in group".
            Return False
        End Try

    End Function

End Class
[/code]
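
An added example, not part of the original post and not the poster's code: one way to locate the group from the domain root instead of a fixed OU path and test membership (including nested groups) in a single query on .NET 2.0. It assumes a single domain reachable through `LDAP://RootDSE` and a process identity allowed to bind to it; `GroupLookup`, `EscapeFilterValue`, `IsMemberOf` and `FindDn` are hypothetical names, and every value is escaped per RFC 4515 before it is placed in a search filter.

```vb
Imports System.DirectoryServices
Imports System.Text

Public Module GroupLookup   ' hypothetical names, added example

    ' Escape a value for use inside an LDAP search filter (RFC 4515),
    ' so account or group names cannot alter the filter structure.
    Public Function EscapeFilterValue(ByVal value As String) As String
        Dim sb As New StringBuilder()
        For Each c As Char In value
            Select Case c
                Case "\"c : sb.Append("\5c")
                Case "*"c : sb.Append("\2a")
                Case "("c : sb.Append("\28")
                Case ")"c : sb.Append("\29")
                Case ChrW(0) : sb.Append("\00")
                Case Else : sb.Append(c)
            End Select
        Next
        Return sb.ToString()
    End Function

    ' True when the account is a direct or nested member of the group,
    ' wherever the group sits below the domain root.
    Public Function IsMemberOf(ByVal samAccountName As String, ByVal groupName As String) As Boolean
        Dim domainDn As String
        Using rootDse As New DirectoryEntry("LDAP://RootDSE")
            domainDn = CStr(rootDse.Properties("defaultNamingContext").Value)
        End Using
        Using root As New DirectoryEntry("LDAP://" & domainDn)
            Dim userDn As String = FindDn(root, String.Format( _
                "(&(objectCategory=person)(sAMAccountName={0}))", EscapeFilterValue(samAccountName)))
            If userDn Is Nothing Then Return False
            ' 1.2.840.113556.1.4.1941 is LDAP_MATCHING_RULE_IN_CHAIN: follows nested groups.
            Dim groupFilter As String = String.Format( _
                "(&(objectCategory=group)(sAMAccountName={0})(member:1.2.840.113556.1.4.1941:={1}))", _
                EscapeFilterValue(groupName), EscapeFilterValue(userDn))
            Return FindDn(root, groupFilter) IsNot Nothing
        End Using
    End Function

    ' Subtree search from the given root; returns the first match's DN or Nothing.
    Private Function FindDn(ByVal root As DirectoryEntry, ByVal filter As String) As String
        Using searcher As New DirectorySearcher(root, filter)
            searcher.SearchScope = SearchScope.Subtree
            searcher.PropertiesToLoad.Add("distinguishedname")
            Dim hit As SearchResult = searcher.FindOne()
            If hit Is Nothing Then Return Nothing
            Return CStr(hit.Properties("distinguishedname")(0))
        End Using
    End Function
End Module
```

Membership that comes only from the account's primary group is not stored in the `member` attribute, so this query does not see it.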