I'm having a bit of difficultly with this code, specifically with PrincipalSearcher. I'm trying to get a list of all the Groups associated with a specific OU.
I'm trying to just return "Security" groups under all Group Scopes, excluding distribution groups.
The issue I'm having is, it's returning these built-in groups in addition to the one's I'm intending to return.
HelpServicesGroup TelnetClients Administrators Users Guests Print Operators Backup Operators Replicator Remote Desktop Users Network Configuration Operators Performance Monitor Users Performance Log Users Distributed COM Users Domain Computers Domain Controllers Schema Admins Enterprise Admins Cert Publishers Domain Admins Domain Users Domain Guests Group Policy Creator Owners RAS and IAS Servers Server Operators Account Operators Pre-Windows 2000 Compatible Access Incoming Forest Trust Builders Windows Authorization Access Group Terminal Server License Servers DnsAdmins DnsUpdateProxy IIS_WPG
I'm not sure if perhaps the scope is incorrect or maybe I'm missing some sort of filtering.
The relevant code segment:
public static ArrayList GetAllGroups()
{
var myItems = new ArrayList();
var ctx = new PrincipalContext(ContextType.Domain,"MyOU");
// define a "query-by-example" principal - here, we search for a GroupPrincipal
var qbeGroup = new GroupPrincipal(ctx);
// create your principal searcher passing in the QBE principal
var srch = new PrincipalSearcher(qbeGroup);
// find all matches
foreach (Principal found in srch.FindAll())
{
var foundGroup = found as GroupPrincipal;
if (foundGroup != null)
{
myItems.Add(foundGroup.Name);
}
}
return myItems;
}
How do I get this to exclude the built-in groups?
Any assistance with this will be greatly appreciated.
Thank you!
Two things:
there are no groups associated with an OU - an OU is a container which contains users, computers, groups etc. (like a directory that contains files). Is that what you mean? You want to enumerate the group contained inside a given OU??
if so: you're not calling the constructor for the PrincipalContext
properly. If you check the MSDN documentation on PrincipalContext
constructors, you'll see that the one you're using is the one with a ContextType
and a name
which stands for the domain name of the context you want to bind to:
var ctx = new PrincipalContext(ContextType.Domain,"MyOU");
This binds to the MyOU
domain - and it binds right at the root of that domain tree.
What you're probably looking for is the constructor with three parameters - a ContextType
and two strings - the first one being the domain name as above, and the second one being the start location of your search. So change your PrincipalContext
construction to:
var ctx = new PrincipalContext(ContextType.Domain, "YOURDOMAIN", "OU=MyOU");
and then search again - now you should get only groups that are contained inside the OU=MyOU
container.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With