How do I get group description of a user from external active directory using LDAP

0
votes

I need to get all group name and its description (of which user is member and also those groups which don't have user). The connection to the external domain has to be trough LDAP with port 389 and with user's credential.

For now I am able to validate the user by using below code:

public string UserValidation(string username, string domain, string password, string url)
{        
var credentials = new NetworkCredential(username, password, domain);        
var serverId = new LdapDirectoryIdentifier(url);
LdapConnection connection = new LdapConnection(serverId, credentials);        
string result = "true";            
try            
{                
connection.Bind();            
}            
catch (Exception e)            
{                
result = e.ToString();            
}            
connection.Dispose();            
return result;        
}

This link helps to get groups but not for external domain.

2
c#ldap

2 Answers

0
votes

Add this Namespce

using System.DirectoryServices;

Then try this code

DirectoryEntry de = new DirectoryEntry(urLDAPdomain, username, passwaord,  AuthenticationTypes.Secure);

  DirectorySearcher ds = new DirectorySearcher(de);
   // in ds u will get all  users and groups
0
votes

I got the group description of which the user is member of by using below codes:

var path = String.Format("LDAP://{0}:{1}", DomainControllerIP, Port);
                DirectoryEntry rootDE = new DirectoryEntry(path, strUserName, strPassword);
                DirectorySearcher dSearcher = new DirectorySearcher(rootDE);
                dSearcher.Filter = "(&(sAMAccountName=" + strUserName + ")(objectClass=User)(objectCategory=Person))";
                SearchResult sResult = dSearcher.FindOne();
                foreach (var grp in sResult.Properties["memberOf"])
                    {
                        string sGrpName = (Convert.ToString(grp).Remove(0, 3)).Split(',')[0];
                        DirectorySearcher gSearcher = new DirectorySearcher(rootDE);
                        gSearcher.Filter = "sAMAccountName=" + sGrpName;
                        SearchResult gResult = gSearcher.FindOne();
                        //Group Name in groupName
                        string groupName = gResult.Properties["name"][0].ToString();
                    }

To get description of all the groups:

dSearcher.Filter = "(&(objectCategory=group))";
dSearcher.PropertiesToLoad.Add("name");
dSearcher.PropertiesToLoad.Add("description");

SearchResultCollection results = dSearcher.FindAll();

foreach (SearchResult res in results)
{
    String name = ((res.Properties["name"])[0]).ToString();
    string groupDescription = (res.Properties["description"])[0].ToString();
}