Retrieve list of roles and users from Active Directory...

TheMSsForum.com: The Microsoft Software Forum

Hi There,

I'm a complete newbie. I'm wondering if it's possible in C# to
retrieve the complete list of roles in Active Directory and also a
complete list of all users from active directory. I've looked in the
Enterprise Library of Security Block but couldn't find any code that
does this (it just gets the list of roles of a specified user).. Can
someone point me into the right direction?

Thanks

Sharon
Top

Re: Retrieve list of roles and users from Active Directory... by Marc

Marc
Tue Mar 08 02:00:04 CST 2005

>I'm a complete newbie. I'm wondering if it's possible in C# to
>retrieve the complete list of roles in Active Directory and also a
>complete list of all users from active directory. I've looked in the
>Enterprise Library of Security Block but couldn't find any code that
>does this (it just gets the list of roles of a specified user).. Can
>someone point me into the right direction?

Users, sure, no problem - but what do you mean by "roles" ?? Are you
talking about the Windows groups ? Or if not, what else? There's no
such things as a "role" per se, neither in Windows API's, nor in
Active Directory, as far as I know.

As for users: you'll need to add a reference to the
System.DirectoryServices dll to your project, and a "uses
System.DirectoryServices" statement to your .cs file. Then use a
DirectorySearcher something like this:

DirectorySearcher dsUsers = new
DirectorySearcher("LDAP://dc=yourDomain,dc=com");

dsUsers.Filter = "(&(objectClass=user)(objectCategory=user))";

dsUsers.PropertiesToLoad.Add("name");
dsUsers.PropertiesToLoad.Add("mail");
// add whatever other properties you need to have loaded

foreach(SearchResult srUser in dsUsers.FindAll())
{
Console.WriteLine("User " + srUser.Properties["name"].ToString() + "
has e-mail address " + srUser.Properties["mail"].ToString());
}

HTH
Marc
================================================================
Marc Scheuner May The Source Be With You!
Berne, Switzerland m.scheuner -at- inova.ch
Top

Re: Retrieve list of roles and users from Active Directory... by ricolee99

ricolee99
Tue Mar 08 10:19:52 CST 2005

Thanks for the response Marc,

I'm referring to the list of windows groups (sorry for the confusion).
Marc, is there a way to also obtain a list of users that belong to a
certain group?
I'm curious if this is within the security block of the Enterprise
Library. The thing that I managed to find within the Enterprise
Library is code retrieving the list of groups that a specified user
belongs to...

Thank you in advance

Sharon





Marc Scheuner [MVP ADSI] <m.scheuner@inova.SPAMBEGONE.ch> wrote in message news:<emmq21ttrtasimgmlnad9jknkp3i0vnji5@4ax.com>...
> >I'm a complete newbie. I'm wondering if it's possible in C# to
> >retrieve the complete list of roles in Active Directory and also a
> >complete list of all users from active directory. I've looked in the
> >Enterprise Library of Security Block but couldn't find any code that
> >does this (it just gets the list of roles of a specified user).. Can
> >someone point me into the right direction?
>
> Users, sure, no problem - but what do you mean by "roles" ?? Are you
> talking about the Windows groups ? Or if not, what else? There's no
> such things as a "role" per se, neither in Windows API's, nor in
> Active Directory, as far as I know.
>
> As for users: you'll need to add a reference to the
> System.DirectoryServices dll to your project, and a "uses
> System.DirectoryServices" statement to your .cs file. Then use a
> DirectorySearcher something like this:
>
> DirectorySearcher dsUsers = new
> DirectorySearcher("LDAP://dc=yourDomain,dc=com");
>
> dsUsers.Filter = "(&(objectClass=user)(objectCategory=user))";
>
> dsUsers.PropertiesToLoad.Add("name");
> dsUsers.PropertiesToLoad.Add("mail");
> // add whatever other properties you need to have loaded
>
> foreach(SearchResult srUser in dsUsers.FindAll())
> {
> Console.WriteLine("User " + srUser.Properties["name"].ToString() + "
> has e-mail address " + srUser.Properties["mail"].ToString());
> }
>
> HTH
> Marc
> ================================================================
> Marc Scheuner May The Source Be With You!
> Berne, Switzerland m.scheuner -at- inova.ch
Top

Re: Retrieve list of roles and users from Active Directory... by Marc

Marc
Wed Mar 09 01:27:43 CST 2005

>I'm referring to the list of windows groups (sorry for the confusion).

Okay, use the same approach, just a different filter:

dsUsers.Filter = "(&(objectClass=group)(objectCategory=Group))";

> Marc, is there a way to also obtain a list of users that belong to a
>certain group?

Sure - bind to the group and then look at its "member" property:

DirectoryEntry deGroup = new
DirectoryEntry("LDAP://cn=yourgroup,dc=yourcompany,dc=com");

foreach(object oMember in deGroup.Properties["member"])
{
Console.WriteLine(oMember.ToString());
}

Marc
================================================================
Marc Scheuner May The Source Be With You!
Berne, Switzerland m.scheuner -at- inova.ch
Top