I'm attempting to use VB and ASP.NET 2.0 to read an ActiveDirectory group and determine whether the current user is in the group or not. The name is passed to the function in loginStr. It should be dead simple, but I'm getting weird results, and would appreciate it if someone could let me know what I should be looking for from here.

Public Shared Function KnownUser(ByVal loginStr As String) As Boolean
    Dim isValid As Boolean
    Dim strUser As String

    Dim adsRoot As New DirectoryEntry("LDAP://CN=svc_githd,OU=Service Accounts,OU=User Accounts,OU=WD,OU=Americas,DC=MyCompany,DC=com")
    Dim adsSearch As DirectorySearcher = New DirectorySearcher(adsRoot)
    strUser = Mid(loginStr, InStr(1, loginStr, "\") + 1)

    adsSearch.PropertiesToLoad.Add("sAMAccountName")
    adsSearch.PropertiesToLoad.Add("memberOf")

    Dim oResult As SearchResult
    Dim adsGrpcn As String

    isValid = False

    Try
        oResult = adsSearch.FindOne()

        For Each adsGrpcn In oResult.GetDirectoryEntry().Properties("memberOf").Value
            If adsGrpcn = "MyGroup" Then isValid = True
        Next
    Catch ex As Exception
        Dim msg As String = ex.Message
        msg = msg & "---"
    End Try

    Return isValid
End Function


When I step through the code with the debugger, adsGrpcn has, in turn, each character in "CN=SVC_HDAccounts,OU=Security,OU=Groups,OU=Americas,DC=MyCompany,DC=com" (minus the quotes, of course). I know there's something simple I'm missing. How do I check individual user accounts within the group indicated?

Try the code below

using System.DirectoryServices.AccountManagement;
using System.Linq;
using System.Web.Configuration;

public bool VerifyUserGroup(string userName)
{
    bool returnValue = false;
    PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "YOUR DOMAIN NAME");
    UserPrincipal up = UserPrincipal.FindByIdentity(ctx, userName);

    if (up != null)
    {
        // Group name to authorize against, read from appSettings in web.config
        string authorizeGroups = WebConfigurationManager.AppSettings["AuthorizeGroups"];
        // GetAuthorizationGroups() also returns groups the user belongs to through nesting
        Principal principal = up.GetAuthorizationGroups().Where(x => x.Name == authorizeGroups).FirstOrDefault();

        returnValue = principal != null;
    }
    return returnValue;
}
 
Comments
MattFFunke 22-Oct-13 12:29pm    
I can't find System.DirectoryServices.AccountManagement.dll in ASP.NET 2.0.
VB
For Each adsGrpcn In oResult.GetDirectoryEntry().Properties("memberOf").Values


You may put an extra 's' at the end of this line, and see if it does the trick.
 
Comments
MattFFunke 22-Oct-13 15:47pm    
It returns the error "'Values' is not a member of 'System.DirectoryServices.PropertyValueCollection'."
phil.o 22-Oct-13 15:59pm    
Quite strange :)
I have that page System.DirectoryServices.PropertyCollection.Values Property (.NET 2.0) that says the contrary.

You may try to put a breakpoint on your For Each statement so that you can check what exactly your PropertyCollection contains.
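
A version of the check that needs only System.DirectoryServices on .NET 2.0, as an added example that is not code from the original posts: it searches for the user by an escaped sAMAccountName and compares each memberOf value, which is a full distinguished name, against the group's DN. The class and function names and the LDAP://DC=MyCompany,DC=com search root are assumptions inferred from the DNs in the question.

```vbnet
Imports System
Imports System.DirectoryServices

Public Class AdGroupCheck
    ' Assumption: domain root inferred from the DNs shown in the question.
    Private Const SearchRoot As String = "LDAP://DC=MyCompany,DC=com"

    ' Escape LDAP filter metacharacters (RFC 4515) so a login name cannot
    ' change the meaning of the search filter. Backslash must go first.
    Public Shared Function EscapeFilterValue(ByVal value As String) As String
        Return value.Replace("\", "\5c").Replace("*", "\2a") _
                    .Replace("(", "\28").Replace(")", "\29") _
                    .Replace(vbNullChar, "\00")
    End Function

    ' loginStr is "DOMAIN\user" or "user"; groupDn is the group's full DN, e.g.
    ' "CN=SVC_HDAccounts,OU=Security,OU=Groups,OU=Americas,DC=MyCompany,DC=com"
    Public Shared Function IsUserInGroup(ByVal loginStr As String, ByVal groupDn As String) As Boolean
        ' Strip the DOMAIN\ prefix, if any (IndexOf returns -1 when absent).
        Dim samName As String = loginStr.Substring(loginStr.IndexOf("\"c) + 1)

        Using root As New DirectoryEntry(SearchRoot)
            Using searcher As New DirectorySearcher(root)
                ' Search for the user object instead of binding to a fixed entry.
                searcher.Filter = "(&(objectCategory=person)(objectClass=user)" & _
                                  "(sAMAccountName=" & EscapeFilterValue(samName) & "))"
                searcher.PropertiesToLoad.Add("memberOf")

                Dim result As SearchResult = searcher.FindOne()
                ' Unknown user or no group memberships: fail closed.
                If result Is Nothing Then Return False
                If Not result.Properties.Contains("memberOf") Then Return False

                ' SearchResult.Properties(...) is always a collection, even when the
                ' attribute has one value, so For Each yields whole DNs rather than
                ' the characters of a single string.
                For Each dn As Object In result.Properties("memberOf")
                    If String.Equals(CStr(dn), groupDn, StringComparison.OrdinalIgnoreCase) Then
                        Return True
                    End If
                Next
            End Using
        End Using

        Return False
    End Function
End Class
```

memberOf lists only direct memberships, so nested groups and the user's primary group are not matched by this check.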

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


