active-directory-group

Context We're adding group membership filtering when importing members from an LDAP server into our application. (Previously we imported all members from a given ldap "base DN"; now administrators can restrict to certain groups, i.e. members "Sales" and "HR" in the base DN). Our application supports: SunONE Active Directory Also, we plan to support static groups only, not dynamic groups. How We Would Have Done It In the past, we would use two lookups to replicate members into our database for this new functionality. lookup all members in the baseDN lookup all groups (with members) where group

I've an Active Directory with domain myDomain.local , under it there exists a Distribution Group that contains many groups. How can I read (programmatically) all these subgroups to retrieve a list of their names ? And how to optimize the query to filter the result so that it just retrieves all the groups that ends with the word Region ? BTW, I'm using C#.Net, ASP.Net and sharepoint, and i'm not experienced with AD. If you're on .NET 3.5 (or can upgrade to it), you can use this code using the System.DirectoryServices.AccountManagement namespace: // create the "context" in which to operate -

I wrote this to get the groups a particular user belongs to: DirectoryEntry AD = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer"); DirectoryEntry user = AD.Children.Find(completeUserName, "user"); object obGroups = AD.Invoke("Groups"); foreach (object ob in (IEnumerable)obGroups) { // Create object for each group. DirectoryEntry obGpEntry = new DirectoryEntry(ob); listOfMyWindowsGroups.Add(obGpEntry.Name); } for (int j = 0; j < listOfMyWindowsGroups.Count; j++) { //ex } How is it possible to retrieve all the groups in windows and not just for a particular user? How about

I'm trying to run a windows service and an IIS website under the same active directory Group Managed Service Account SomeServiceAccount . I've got 2 servers App and Web . I've made a group called SomeGroup , added App and Web with the command Add-ADGroupMember "SomeGroup" -Members (Get-ADComputer "App") and Add-ADGroupMember "SomeGroup" -Members (Get-ADComputer "Web") Restarted both the machines to make sure they are part of the group Ran the command on the domain controller New-ADServiceAccount -Name SomeServiceAccount -Enabled $true -DNSHostName domain-controller

I'm looking for a way to find a the windows login associated with a specific group. I'm trying to add permissions to a tool that only allows names formatted like: DOMAIN\USER DOMAIN\GROUP I have a list of users in active directory format that I need to add: ou=group1;ou=group2;ou=group3 I have tried adding DOMAIN\Group1, but I get a 'user not found' error. P.S. should also be noted that I'm not a Lan admin Programatically or Manually? Manually, i prefer AdExplorer , which is a nice Active directory Browser. You just connect to your domain controller and then you can look for the user and see

I created a WCF web service to return user and group information from Active Directory. It works for most groups and users. I use directoryEntry.Invoke("groups",null) to return the groups a specified user is member of. This returns MOST groups. The odd thing is I can find any group and enumerate its members, even if it is one of the groups missing when I use the invoke query on one of its members. Most of the groups that exhibit this behavior are Exchange-enabled. Most of the problematic user accounts are for users in a federated domain, who use an Exchange server in the domain that I query. I