How to get the groups of a user in Active Directory?_问答_开发者

How to get the groups of a user in Active Directory?

开发者 https://www.devze.com 2023-04-12 17:49 出处：网络

I use from this code: List<GroupPrincipal> result = new List<GroupPrincipal>(); // establish domain context

I use from this code:

   List<GroupPrincipal> result = new List<GroupPrincipal>();

   // establish domain context
   PrincipalContext MyDomain = new PrincipalContext(ContextType.Domain);

   // find your user
   UserPrincipal user = UserPrincipal.FindByIdentity(MyDomain , username);

   // if found - grab its groups
   if(user != null)
   {
      PrincipalSearchResult<Principal> groups = user.GetAuthorizationGroups();

      // iterate over 开发者_开发问答all groups
      foreach(Principal p in groups)
      {
         // make sure to add only group principals
         if(p is GroupPrincipal)
         {
             result.Add(p);
         }
      }
   }

but on this line ( user.GetAuthorizationGroups() ) I got an exception

This server is not operational

In a web environment:

System.Web.HttpContext.Current.Request.LogonUserIdentity.Groups

or in your context:

user.GetGroups()

MSDN

From what I remember, the exception can be caused by the fact that the domain name cannot be resolved with any available DNS. Make sure that it is and the exception goes away.

Check this if it can help you http://support.microsoft.com/kb/842789

Update :

Open Visual Studio As Administrator and then open your solution. then try again. I believe that your problem is because of application permition.

I've got exactly the same trouble when I run one of my program from a computer (dev computer) which does not belong to the domain I query for. I mean that I got the context, I got the UserPrincipal information and I've got the same error when I call GetGroups(). The same program run on the server itself works perfectly.

I tryed to manage to have my developpment computer directly configured with the domain DNS as first DNS, but it was the same.

I tryed to hard configure domain and DC adresses in hosts file but it was the same.

So I remote debug my program from a virtual machine which was in the domain.

I install my Active Directory again and my problem resolved...

One of the groups your trying to grab included in the GetGroups is an administrator group and requires special permission. Try setting a user/password in your context and use getGroups(context)