Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Apr 17, 2012 01:24 PM by kouts1
Apr 15, 2012 02:26 AM|LINK
What's the best way to check if a user belongs to a specific group after they have logged on using FBA with AD membership provider?
I have tried this but is not working:
If Context.User.IsInRole("admin") Then
Any examples would be great. Thank you!
Apr 15, 2012 07:26 PM|LINK
Apr 16, 2012 02:09 PM|LINK
I need to verify that they are a member of a Specific Distribution Group or/and Security Group.
Apr 16, 2012 05:53 PM|LINK
You can load the user's memberof property and step through the list of groups. The groups are stored as a collection in their DN. You will need to load the CN for each with a directoryentry and then compare the name with any specific groups you want to check
against. You can do this in your global.asax with the session_start.
Dim entry As DirectoryEntry = New DirectoryEntry(LDAPstr, LDAPuser, LDAPpass)
Dim obj As Object = entry.NativeObject
Dim search As DirectorySearcher = New DirectorySearcher(entry)
search.Filter = "(&(objectClass=user)(SAMAccountName=" & username & "))"
Dim result As SearchResult = search.FindOne()
If (result Is Nothing) Then
Dim groupColl as object
For Each groupColl in result.Properties("memberof")
Dim GroupArray as Array = groupColl.split(",")
SELECT GroupArray(0).replace("CN=", "")
Catch ex As Exception
You can also do this in another way by doing an AD search with the user's samaccountname and load the security groups and distro lists into seperate lists by searching for the group type as well. I can post that code if you need it.
Apr 17, 2012 01:24 PM|LINK
Thank you! You got me on the right track. I figured it out using the code below, works great!
Works for both Distro and Security groups!
= userPrincipal__1.IsMemberOf(ctx, IdentityType.Name,
isMember = True