 

Get members of Active Directory Group and check if they are enabled or disabled

What is the fastest way to get a list of all members/users in a given AD group and determine whether or not a user is enabled (or disabled)?

We are potentially talking about 20K users, so I would like to avoid hitting the AD for each individual user.

Karsten Strøbæk asked Aug 30 '11 11:08




1 Answer

If you're on .NET 3.5 and up, you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:

  • Managing Directory Security Principals in the .NET Framework 3.5
  • MSDN docs on System.DirectoryServices.AccountManagement

Basically, you can define a domain context and easily find users and/or groups in AD:

    using System;
    using System.DirectoryServices.AccountManagement;

    // set up domain context
    PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

    // find the group in question
    GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, "YourGroupNameHere");

    // if found....
    if (group != null)
    {
        // iterate over members
        foreach (Principal p in group.GetMembers())
        {
            Console.WriteLine("{0}: {1}", p.StructuralObjectClass, p.DisplayName);

            // do whatever you need to do to those members
            UserPrincipal theUser = p as UserPrincipal;

            if (theUser != null)
            {
                if (theUser.IsAccountLockedOut())
                {
                    // ...
                }
                else
                {
                    // ...
                }
            }
        }
    }

The new S.DS.AM makes it really easy to play around with users and groups in AD!

marc_s answered Sep 24 '22 00:09
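An added example, not part of the answer above: for the question's 20K-user case, a single paged LDAP search can return every direct user member of the group together with its userAccountControl value, so the disabled flag (ACCOUNTDISABLE, 0x2, which is distinct from lockout state) is read without a per-user lookup. Assumptions: the group DN is a constructed placeholder, the class and method names are hypothetical, and the memberOf filter covers direct members only (not nested groups or primary-group membership).

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;

static class GroupMemberStatus   // hypothetical name, for illustration
{
    const int ACCOUNTDISABLE = 0x2;   // userAccountControl bit set on disabled accounts

    // Escape a value for use inside an LDAP filter (RFC 4515), backslash first,
    // so a DN containing '(', ')', '*' or '\' cannot change the filter's structure.
    static string EscapeFilterValue(string v) =>
        v.Replace(@"\", @"\5c").Replace("*", @"\2a").Replace("(", @"\28")
         .Replace(")", @"\29").Replace("\0", @"\00");

    // Returns sAMAccountName -> enabled for the direct user members of groupDn.
    public static Dictionary<string, bool> GetMembers(string groupDn)
    {
        var result = new Dictionary<string, bool>(StringComparer.OrdinalIgnoreCase);
        string filter = "(&(objectCategory=person)(objectClass=user)(memberOf="
                        + EscapeFilterValue(groupDn) + "))";

        using (var root = new DirectoryEntry())   // binds to the current domain
        using (var searcher = new DirectorySearcher(root, filter,
                   new[] { "sAMAccountName", "userAccountControl" }))
        {
            searcher.PageSize = 1000;   // paged search, so large groups are returned in full
            using (SearchResultCollection hits = searcher.FindAll())
            {
                foreach (SearchResult hit in hits)
                {
                    string name = (string)hit.Properties["sAMAccountName"][0];
                    int uac = (int)hit.Properties["userAccountControl"][0];
                    result[name] = (uac & ACCOUNTDISABLE) == 0;
                }
            }
        }
        return result;
    }

    static void Main()
    {
        // Constructed placeholder DN; substitute the group's distinguished name.
        foreach (var kv in GetMembers("CN=YourGroupNameHere,OU=Groups,DC=example,DC=com"))
            Console.WriteLine("{0}: {1}", kv.Key, kv.Value ? "enabled" : "disabled");
    }
}
```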