You can load the user's memberof property and step through the list of groups. The groups are stored as a collection in their DN. You will need to load the CN for each with a directoryentry and then compare the name with any specific groups you want to check
against. You can do this in your global.asax with the session_start.
Dim entry As DirectoryEntry = New DirectoryEntry(LDAPstr, LDAPuser, LDAPpass)
Try
Dim obj As Object = entry.NativeObject
Dim search As DirectorySearcher = New DirectorySearcher(entry)
search.Filter = "(&(objectClass=user)(SAMAccountName=" & username & "))"
search.PropertiesToLoad.Add("memberof")
Dim result As SearchResult = search.FindOne()
If (result Is Nothing) Then
Else
Dim groupColl as object
For Each groupColl in result.Properties("memberof")
Dim GroupArray as Array = groupColl.split(",")
SELECT GroupArray(0).replace("CN=", "")
CASE "SecurityGroupName"
'do something
END SELECT
Next groupColl
End If
Catch ex As Exception
'do something
End Try
You can also do this in another way by doing an AD search with the user's samaccountname and load the security groups and distro lists into seperate lists by searching for the group type as well. I can post that code if you need it.
Member
22 Points
65 Posts
check logged on user if is member of a specific group?
Apr 14, 2012 10:26 PM|kouts1|LINK
What's the best way to check if a user belongs to a specific group after they have logged on using FBA with AD membership provider?
I have tried this but is not working:
If Context.User.IsInRole("admin") Then
End If
Any examples would be great. Thank you!
Member
120 Points
71 Posts
Re: check logged on user if is member of a specific group?
Apr 15, 2012 03:26 PM|hiza808|LINK
http://stackoverflow.com/questions/500061/using-asp-net-membership-provider-how-to-check-if-the-user-is-registered-or-not
Member
22 Points
65 Posts
Re: check logged on user if is member of a specific group?
Apr 16, 2012 10:09 AM|kouts1|LINK
I need to verify that they are a member of a Specific Distribution Group or/and Security Group.
Participant
1062 Points
433 Posts
Re: check logged on user if is member of a specific group?
Apr 16, 2012 01:53 PM|gww|LINK
You can load the user's memberof property and step through the list of groups. The groups are stored as a collection in their DN. You will need to load the CN for each with a directoryentry and then compare the name with any specific groups you want to check against. You can do this in your global.asax with the session_start.
Dim entry As DirectoryEntry = New DirectoryEntry(LDAPstr, LDAPuser, LDAPpass) Try Dim obj As Object = entry.NativeObject Dim search As DirectorySearcher = New DirectorySearcher(entry) search.Filter = "(&(objectClass=user)(SAMAccountName=" & username & "))" search.PropertiesToLoad.Add("memberof") Dim result As SearchResult = search.FindOne() If (result Is Nothing) Then Else Dim groupColl as object For Each groupColl in result.Properties("memberof") Dim GroupArray as Array = groupColl.split(",") SELECT GroupArray(0).replace("CN=", "") CASE "SecurityGroupName" 'do something END SELECT Next groupColl End If Catch ex As Exception 'do something End TryYou can also do this in another way by doing an AD search with the user's samaccountname and load the security groups and distro lists into seperate lists by searching for the group type as well. I can post that code if you need it.
Member
22 Points
65 Posts
Re: check logged on user if is member of a specific group?
Apr 17, 2012 09:24 AM|kouts1|LINK
Thank you! You got me on the right track. I figured it out using the code below, works great!
Works for both Distro and Security groups!
---------------------------------------------------------
Using ctx As New PrincipalContext(ContextType.Domain, "domain", "username", "password")
Using userPrincipal__1 As UserPrincipal = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, "username")
Dim isMember As Boolean = userPrincipal__1.IsMemberOf(ctx, IdentityType.Name, "group name")
If isMember = True Then
'logic here
End If
End Using
End Using