I need to check whether current user is a member of an active directory group. I started with getting the current user as below. Now I want to know how to check this CurrentUser is in active directory group "CustomGroup"
string CurrentUser = WindowsIdentity.GetCurrent().Name;
You can use the .NET 3.5 System.DirectoryServices.AccountManagement
classes. See the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 for details. You can use something like:
string CurrentUser = WindowsIdentity.GetCurrent().Name;
PrincipalContext context = new PrincipalContext(ContextType.Domain, "Domain");
UserPrincipal upUser = UserPrincipal.FindByIdentity(context, CurrentUser);
if(upUser != null)
{
if (upUser.IsMemberOf(context, IdentityType.SamAccountName, "CustomGroup"))
{
// The user belongs to the group
}
}
Try thisin .NET 3.5 or 4:
PrincipalContext infPC = new PrincipalContext(ContextType.Domain, "domain", "login", "password");
UserPrincipal infUP = new UserPrincipal(infPC);
PrincipalSearcher infPS = new PrincipalSearcher();
UserPrincipal foundUP;
GroupPrincipal infGP = new GroupPrincipal(infPC);
GroupPrincipal foundGP;
string CurrentUser = WindowsIdentity.GetCurrent().Name;
infUP.SamAccountName = CurrentUser;
infPS.QueryFilter = infUP;
foundUP = infPS.FindOne();
infGP.Name = "CustomGroup";
infPS.QueryFilter = infGP;
foundGP = infPS.FindOne();
bool ismember = foundUP.IsMemberOf(foundGP);