How to get all the AD groups for a particular user?

c# .net active-directory ldap directoryservices

Solution 1:

You should use System.DirectoryServices.AccountManagement. It's much easier. Here is a nice code project article giving you an overview on all the classes in this DLL.

As you pointed out, your current approach doesn't find out the primary group. Actually, it's much worse than you thought. There are some more cases that it doesn't work, like the domain local group from another domain. You can check here for details. Here is how the code looks like if you switch to use System.DirectoryServices.AccountManagement. The following code can find the immediate groups this user assigned to, which includes the primary group.

UserPrincipal user = UserPrincipal.FindByIdentity(new PrincipalContext (ContextType.Domain, "mydomain.com"), IdentityType.SamAccountName, "username");
foreach (GroupPrincipal group in user.GetGroups())
{
    Console.Out.WriteLine(group);
}

Solution 2:

Use tokenGroups:

DirectorySearcher ds = new DirectorySearcher();
ds.Filter = String.Format("(&(objectClass=user)(sAMAccountName={0}))", username);
SearchResult sr = ds.FindOne();

DirectoryEntry user = sr.GetDirectoryEntry();
user.RefreshCache(new string[] { "tokenGroups" });

for (int i = 0; i < user.Properties["tokenGroups"].Count; i++) {
    SecurityIdentifier sid = new SecurityIdentifier((byte[]) user.Properties["tokenGroups"][i], 0);
    NTAccount nt = (NTAccount)sid.Translate(typeof(NTAccount));
    //do something with the SID or name (nt.Value)
}

Note: this only gets security groups

Related

JPA Criteria API - How to add JOIN clause (as general sentence as possible)
How to find spark RDD/Dataframe size?
Unobtrusive validation not working on dynamically-added partial view
Difference between Subquery and Correlated Subquery
Closed form for $\sum^\infty_{n=1}\frac{H_n}{2^n\,(2n+1)^2}$
What made the proof of the four color theorem on planes so hard?
Prove that ${x^7-1 \over x-1}=y^5-1$ has no integer solutions
Most efficient method for computing Singular Value Decomposition of a triangular matrix?
Conjecture $\sum_{n=1}^\infty\frac{n^2}{(-1)^n \cosh(\pi n\sqrt{3})-1}=\frac{1}{12\pi^2}$
On $\big(\tfrac{1+\sqrt{5}}{2}\big)^{12}=\small 161+72\sqrt{5}$ and $\int_{-1}^1\frac{dx}{\left(1-x^2\right)^{\small3/4} \sqrt[4]{161+72\sqrt{5}\,x}}$
The solutions of $(z-i)^n+(z+i)^n=z^n$ are real.
Periodic sequences given by recurrence relations