Use LDAP to find the AD groups to which an AD user belongs
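/// <summary>
/// Obtains the SIDs of the groups that a user belongs to.
/// </summary>
/// <remarks>
/// Code comes from http://netwenchao.cnblogs.com
/// </remarks>
/// <param name="userLoginName">
/// Login name of the user. It is passed through <c>GetUserName</c> and the result is
/// used as the account name in the search filter.
/// </param>
/// <param name="operater">
/// Supplies the domain to bind to and the logon name and password used for the bind.
/// </param>
/// <returns>
/// A lazily evaluated sequence of SID strings; it is empty when no matching user is found.
/// The directory is queried again every time the sequence is enumerated.
/// </returns>
public static IEnumerable<string> GetGroupSidsOfUser(string userLoginName, ADOperator operater)
{
    // The account name ends up inside an LDAP filter. Escaping it keeps a crafted login
    // name (for example one containing '*' or ')') from changing what the filter matches.
    string filter = string.Format(
        "(&(objectcategory=user)(samaccountname={0}))",
        EscapeLdapFilterValue(GetUserName(userLoginName)));

    // AuthenticationTypes.Secure requests negotiated authentication for the bind. It does
    // not by itself sign or encrypt the LDAP traffic; AuthenticationTypes.Signing and
    // AuthenticationTypes.Sealing are the separate flags for that.
    using (DirectoryEntry searchRoot = new DirectoryEntry(
        string.Format("LDAP://{0}", operater.ManageDomainName),
        operater.UserLogonName,
        operater.Password,
        AuthenticationTypes.Secure))
    using (DirectorySearcher directorySearcher = new DirectorySearcher(
        searchRoot,
        filter,
        new string[] { ADUserAttributes.SamAccountName }))
    {
        SearchResult result = directorySearcher.FindOne();
        if (result != null)
        {
            // The entry returned by GetDirectoryEntry holds a directory binding and must be released.
            using (DirectoryEntry userEntry = result.GetDirectoryEntry())
            {
                // The token-groups attribute is loaded explicitly into the property cache
                // before it is read.
                // NOTE(review): assuming the constant names tokenGroupsGlobalAndUniversal,
                // domain-local groups are not part of the result; confirm before using
                // this list for authorization decisions.
                userEntry.RefreshCache(new string[] { ADUserAttributes.TokenGroupsGlobalAndUniversal });

                PropertyValueCollection tokenGroups =
                    userEntry.Properties[ADUserAttributes.TokenGroupsGlobalAndUniversal];
                for (int index = 0; index < tokenGroups.Count; index++)
                {
                    yield return ConvertBinarySidToString((byte[])tokenGroups[index]);
                }
            }
        }
    }
}

/// <summary>
/// Escapes the characters that RFC 4515 reserves inside an LDAP filter value.
/// </summary>
/// <param name="value">Raw value to place in a filter; may be null.</param>
/// <returns>The escaped value, or an empty string for null or empty input.</returns>
private static string EscapeLdapFilterValue(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return string.Empty;
    }

    // The backslash is replaced first; otherwise the escapes added below would be escaped again.
    return value
        .Replace("\\", "\\5c")
        .Replace("*", "\\2a")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");
}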
26
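/// <summary>
/// Obtains the account names of the groups that a user belongs to.
/// </summary>
/// <remarks>
/// Code comes from http://netwenchao.cnblogs.com
/// </remarks>
/// <param name="userLoginName">Login name of the user whose groups are looked up.</param>
/// <param name="operater">
/// Supplies the domain to bind to and the logon name and password used for the bind.
/// </param>
/// <returns>
/// The account names of the groups that could be resolved, or <c>null</c> when
/// <c>GetGroupSidsOfUser</c> yields no SIDs. Callers must check for <c>null</c>.
/// </returns>
public static IEnumerable<string> GetGroupsOfUser(string userLoginName, ADOperator operater)
{
    // GetGroupSidsOfUser is a lazy iterator: calling Any() and then foreach on it would run
    // the directory query twice. Materialize it once instead.
    List<string> sids = GetGroupSidsOfUser(userLoginName, operater).ToList();
    if (sids.Count == 0)
    {
        // Kept as null rather than an empty list so existing callers see the same result.
        return null;
    }

    // AuthenticationTypes.Secure requests negotiated authentication for the bind. It does
    // not by itself sign or encrypt the LDAP traffic; AuthenticationTypes.Signing and
    // AuthenticationTypes.Sealing are the separate flags for that.
    using (DirectoryEntry searchRoot = new DirectoryEntry(
        string.Format("LDAP://{0}", operater.ManageDomainName),
        operater.UserLogonName,
        operater.Password,
        AuthenticationTypes.Secure))
    using (DirectorySearcher directorySearcher = new DirectorySearcher(
        searchRoot,
        "",
        new string[] { ADUserAttributes.SamAccountName }))
    {
        IList<string> groups = new List<string>();
        foreach (string sid in sids)
        {
            // The SID text is produced by ConvertBinarySidToString, not supplied by the caller.
            // NOTE(review): presumably the S-1-... string form, which contains no filter
            // metacharacters; confirm, because any other format would need escaping here.
            directorySearcher.Filter = string.Format("(objectsid={0})", sid);

            SearchResult sr = directorySearcher.FindOne();

            // Short-circuit && so that a SID with no matching entry is skipped instead of
            // dereferencing a null result.
            if (sr != null && sr.Properties[ADUserAttributes.SamAccountName].Count > 0)
            {
                groups.Add(sr.Properties[ADUserAttributes.SamAccountName][0].ToString());
            }
        }

        return groups;
    }
}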
From http://netwenchao.cnblogs.com