Other Posts in LDAP

  1. Getting a User's Email Address from Active Directory
  2. Getting Names and Email Addresses from Active Directory Groups
  3. Getting All Contact Information from Active Directory
  4. Active Directory Utility for C#/ASP.Net
  5. Scanning a Network for Computers in C#

Getting Names and Email Addresses from Active Directory Groups

7/1/2008

This post is short on the description side because it doesn't really need a long description. Anyway, the function listed here allows you to search active directory for the members of a given group. It's fairly straight forward and only requires two queries to AD:

   1: public static StringDictionary GetGroupMembers(string GroupName, string UserName, string Password)
   2: {
   3:     try
   4:     {
   5:         StringDictionary ReturnArray = new StringDictionary();
   6:         DirectoryEntry deDirEntry = new DirectoryEntry("LDAP://LDAPDOMAIN",
   7:                                                            UserName,
   8:                                                            Password,
   9:                                                            AuthenticationTypes.Secure); 
  10:  
  11:         DirectorySearcher mySearcher = new DirectorySearcher(deDirEntry);
  12:         mySearcher.PropertiesToLoad.Add("distinguishedName"); 
  13:  
  14:         string sFilter = String.Format("(&(objectcategory=group)(cn=" + GroupName + "))"); 
  15:  
  16:         mySearcher.Filter = sFilter;
  17:         mySearcher.Sort.Direction = SortDirection.Ascending;
  18:         mySearcher.Sort.PropertyName = "cn"; 
  19:  
  20:         SearchResult result;
  21:         DirectoryEntry ResultEntry; 
  22:  
  23:         result = mySearcher.FindOne();
  24:         ResultEntry =result.GetDirectoryEntry(); 
  25:  
  26:         GroupName=ResultEntry.Properties["distinguishedName"].Value.ToString(); 
  27:  
  28:         mySearcher = new DirectorySearcher(deDirEntry);
  29:         mySearcher.PropertiesToLoad.Add("cn");
  30:         mySearcher.PropertiesToLoad.Add("mail"); 
  31:  
  32:         sFilter=String.Format("(&(memberOf={0}))", GroupName);
  33:         mySearcher.Filter = sFilter;
  34:         mySearcher.Sort.Direction = SortDirection.Ascending;
  35:         mySearcher.Sort.PropertyName = "cn";
  36:         mySearcher.PageSize = 1000; 
  37:  
  38:         SearchResultCollection results;
  39:         results = mySearcher.FindAll(); 
  40:  
  41:         foreach (SearchResult resEnt in results)
  42:         { 
  43:  
  44:             ResultPropertyCollection propcoll = resEnt.Properties;
  45:             string Name="";
  46:             string Email="";
  47:             foreach (string key in propcoll.PropertyNames)
  48:             {
  49:                 if (key == "cn")
  50:                 {
  51:                     foreach (object values in propcoll[key])
  52:                     {
  53:                         Name=values.ToString();
  54:                     }
  55:                 }
  56:                 else if(key=="mail")
  57:                 {
  58:                     foreach (object values in propcoll[key])
  59:                     {
  60:                         Email=values.ToString();
  61:                     }
  62:                 }
  63:             }
  64:             ReturnArray.Add(Name,Email);
  65:         }
  66:         return ReturnArray;
  67:     }
  68:     catch
  69:     {
  70:         return null;
  71:     }
  72: }

The function above does two queries. The first query finds out the distinguishedName of the group. The second query finds out who is a member of that group. All that this function requires to run is a user name, password, and the name of the group that you're looking up. You also need to go in and set the location of your LDAP server. Other than that, you're good to go. So use the code, leave feedback, and happy coding.



Comments