Hi,
I'm trying to develop a program in Visual Basic.NET 2005 that will manage user accounts on remote computers. These computers are not part of a domain and do not have active directory running on them. They are running under their own workgroup and behind a firewall.. To workaround for the firewall I managed to develope a service app that resided on these computers and comunicated through IP and Port. Surely the port is open for me... Most of the functioanlities are working fine, like adding new user accounts, modifying, deleting, querying users,groups and so forth.. The problem I'm having is obtaining group membership for a particular user. The code is provided below: (the inCount is alwayz equal to zero) I'm not sure if I am doing something wrong. Please could you provide me with some help or guidlines.. The other problem I'm having is adding new Groups...
''' <summary>
''' obtain group membership for user ''' </summary> ''' <param name="activeDirectoryUserProperty"></param> ''' <returns></returns> ''' <remarks></remarks> Public Overloads Overrides Function ObtainGroupMembershipForUser(ByVal activeDirectoryUserProperty As ActiveDirectoryEntryProperties) As List(Of ActiveDirectoryEntryProperties) Dim userInfo As DirectoryEntry = Nothing Dim intCount As Integer Dim intIndex As Integer Dim lstGroupMember As New List(Of ActiveDirectoryEntryProperties) Dim actDirUserProp As ActiveDirectoryEntryProperties Try 'Get Directory Entry object' activeDirectoryUserProperty.Name = name of the user to get info about
userInfo = Me.GetActiveDirctoryEntry(activeDirectoryUserProperty.Name, ApplicationEnums.SchemaClassNames.User)
If Not userInfo Is Nothing Then
'set authentication info for using ADs, feel free to createintCount = userInfo.Properties(
"MemberOf").Count If intCount > 0 Then 'Retrive group membership from Windows ADs and add to arraylist For intIndex = 0 To intCount - 1 ' create a new instance of the active directory user obkectactDirUserProp =
New ActiveDirectoryEntryProperties With actDirUserProp.Group = userInfo.Properties(
"MemberOf").Item(intIndex) End WithlstGroupMember.Add(actDirUserProp)
Next End If End If Catch ex As Exception End Try Return lstGroupMember End Function
ActiveDirectory services VB.net 2005 obtain group membership for a patrticular user
Beast Forever
The local machine store does not support read a users group membership from the user object. The only way with System.DirectoryServices to determine what groups a user is a member of with teh WinNT provider is to enumerate all the groups and check if the user is a member. Take a look at the AuthZ windows APIs which provide an alternate method to determine group membership. Specifically AuthzGetInformationFromContext which will enable you to read the users group off of the token which will contain every security group the user is a member of. To make a user the member of a group you need to open that group object and modify the members property by adding the new user. You cannot do this operation through the user object.
Travis Querec[MSFT]
mike the novice
Two things,
- I am able get group information from the WindowsIdentity object, see my blog article Security Principles and Local Admin Rights in C# .Net where I enumerate groups off of that....Is this releated to the OP topic or is it not the same or am I missing somthing.
- Why is there not an MSFT under you name in the forums
Thanks,SenPluto
Hi
i want retrive/get the work group name and through work group MAC address of user in that work group
i am working in vb.net 2005
can anybody help
or this program help
rchi