<p>If you're on .NET 3.5 or up, you can use the new <code>System.DirectoryServices.AccountManagement</code> (S.DS.AM) namespace which makes this a lot easier than it used to be.</p>
<p>Read all about it here: <strike><a href="http://msdn.microsoft.com/en-us/magazine/cc135979.aspx" rel="noreferrer">Managing Directory Security Principals in the .NET Framework 3.5</a></strike></p>
<p><strong>Update:</strong> older MSDN magazine articles aren't online anymore, unfortunately - you'll need to <a href="http://download.microsoft.com/download/3/A/7/3A7FA450-1F33-41F7-9E6D-3AA95B5A6AEA/MSDNMagazineJanuary2008en-us.chm" rel="noreferrer">download the CHM for the January 2008 MSDN magazine</a> from Microsoft and read the article in there.</p>
<p>Basically, you need to have a "principal context" (typically your domain), a user principal, and then you get its groups very easily:</p>
<pre><code>using System.Collections.Generic;
using System.DirectoryServices.AccountManagement;

public List&lt;GroupPrincipal&gt; GetGroups(string userName)
{
    List&lt;GroupPrincipal&gt; result = new List&lt;GroupPrincipal&gt;();

    // establish domain context
    PrincipalContext yourDomain = new PrincipalContext(ContextType.Domain);

    // find your user
    UserPrincipal user = UserPrincipal.FindByIdentity(yourDomain, userName);

    // if found - grab its groups
    if (user != null)
    {
        PrincipalSearchResult&lt;Principal&gt; groups = user.GetAuthorizationGroups();

        // iterate over all groups
        foreach (Principal p in groups)
        {
            // make sure to add only group principals
            if (p is GroupPrincipal)
            {
                result.Add((GroupPrincipal)p);
            }
        }
    }

    return result;
}
</code></pre>
<p>and that's all there is! You now have a result (a list) of authorization groups that user belongs to - iterate over them, print out their names or whatever you need to do.</p>
<p><em>Update:</em> In order to access certain properties, which are not surfaced on the <code>UserPrincipal</code> object, you need to dig into the underlying <code>DirectoryEntry</code>:</p>
<pre><code>using System.DirectoryServices;                   // DirectoryEntry
using System.DirectoryServices.AccountManagement; // Principal

public string GetDepartment(Principal principal)
{
    string result = string.Empty;

    DirectoryEntry de = (principal.GetUnderlyingObject() as DirectoryEntry);

    if (de != null)
    {
        if (de.Properties.Contains("department"))
        {
            result = de.Properties["department"][0].ToString();
        }
    }

    return result;
}
</code></pre>
<p><em>Update #2:</em> seems it shouldn't be too hard to put these two snippets of code together.... but ok - here it goes:</p>
<pre><code>public string GetDepartment(string username)
{
    string result = string.Empty;

    // if you do repeated domain access, you might want to do this *once* outside this method,
    // and pass it in as a second parameter!
    PrincipalContext yourDomain = new PrincipalContext(ContextType.Domain);

    // find the user
    UserPrincipal user = UserPrincipal.FindByIdentity(yourDomain, username);

    // if user is found
    if (user != null)
    {
        // get DirectoryEntry underlying it
        DirectoryEntry de = (user.GetUnderlyingObject() as DirectoryEntry);

        if (de != null)
        {
            if (de.Properties.Contains("department"))
            {
                result = de.Properties["department"][0].ToString();
            }
        }
    }

    return result;
}
</code></pre>
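An added example, not part of the original answer: the same group lookup used for an access decision, matching the required group by SID instead of by name and denying access when the directory lookup fails. The class name, method name and the SID passed in by the caller are assumptions made for illustration.

```csharp
using System.DirectoryServices.AccountManagement;
using System.Security.Principal;

public static class GroupAuthorization
{
    // Hypothetical helper: true only if the user's authorization groups
    // (nested security groups included) contain the group with this SID.
    public static bool IsMemberBySid(string userName, string requiredGroupSid)
    {
        // SDDL string supplied by the caller, e.g. "S-1-5-21-<domain>-<rid>"
        // (placeholder). A malformed SID throws here, before any lookup.
        var required = new SecurityIdentifier(requiredGroupSid);

        try
        {
            // Context, principal and result set all hold directory
            // resources, so each one is disposed.
            using (var domain = new PrincipalContext(ContextType.Domain))
            using (var user = UserPrincipal.FindByIdentity(
                       domain, IdentityType.SamAccountName, userName))
            {
                if (user == null)
                {
                    return false; // unknown account: deny
                }

                using (PrincipalSearchResult<Principal> groups =
                           user.GetAuthorizationGroups())
                {
                    foreach (Principal p in groups)
                    {
                        // Compare SIDs, not names: a group can be renamed, and
                        // a same-named group can exist in another domain.
                        if (p is GroupPrincipal && required.Equals(p.Sid))
                        {
                            return true;
                        }
                    }
                }
            }
        }
        catch (PrincipalException)
        {
            // Base class of PrincipalOperationException,
            // NoMatchingPrincipalException and PrincipalServerDownException.
            // A failed lookup must never grant access.
            return false;
        }

        return false;
    }
}
```

Passing `IdentityType.SamAccountName` pins the lookup to one identifier type, so a caller-supplied string is not matched against other identity formats.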
 
