Find Active Directory Group

School Boy Error · Mar 8, 2012

Hi, I am trying to find out the Active Directory Group that the current user belongs to. I have the current users username stored in strUserName and have got this code so far:

VB.NET:

[SIZE=2] [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]Function[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] FindGroup([/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]ByVal[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] UserName [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]String[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2])
[/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] adSearch [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] DirectorySearcher
adSearch.Filter = ([/SIZE][SIZE=2][COLOR=#a31515][SIZE=2][COLOR=#a31515]"(userPrincipalName="[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] & UserName & [/SIZE][SIZE=2][COLOR=#a31515][SIZE=2][COLOR=#a31515]")"[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2])
[/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] adResults = adSearch.FindOne.Path
[/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] adResultsDirectory [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] DirectoryEntry(adResults)
[/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] UserGroup [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]String
[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2][/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]Return[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] UserGroup
[/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]Function
[/COLOR][/SIZE][/COLOR][/SIZE]

But don't know where to go from here. I only need my function to return the group they belong to.

Many thanks!

Herman · Mar 8, 2012

I never did these things in VB.Net, usually VBScript for administrative tools... Here's a small snippet, up to you to convert what you need from there...

Const E_ADS_PROPERTY_NOT_FOUND  = &h8000500D

Dim objUser   : Set objUser  = GetObject("LDAP://domain.com")
Dim intPrimaryGID  : intPrimaryGID = objUser.Get("primaryGroupID")
Dim arrMemberOf  : arrMemberOf  = objUser.GetEx("memberOf")

If Err.Number = E_ADS_PROPERTY_NOT_FOUND Then
    WScript.StdOut.WriteLine "The memberOf attribute is not set."
Else
    WScript.StdOut.WriteLine "Member of: "
    For Each Group in arrMemberOf
        WScript.StdOut.WriteLine Group
    Next
End If

Dim objConnection : Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"

Dim objCommand : Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
objCommand.CommandText = "<LDAP://domain.com;(objectCategory=Group);distinguishedName,primaryGroupToken;subtree"  

Dim objRecordSet : Set objRecordSet = objCommand.Execute
  
Do Until objRecordset.EOF
    If objRecordset.Fields("primaryGroupToken") = intPrimaryGroupID Then
        WScript.StdOut.WriteLine "Primary group:"
        WScript.StdOut.WriteLine objRecordset.Fields("distinguishedName") & " (primaryGroupID: " & intPrimaryGroupID & ")"
    End If
    objRecordset.MoveNext
Loop
 
objConnection.Close

Find Active Directory Group

School Boy Error

New member

Herman

Well-known member

Similar threads

Share this page

Latest posts