Last post May 28, 2013 12:09 PM by NoBullMan
May 24, 2013 01:53 PM|NoBullMan|LINK
I am trying to get a list of security groups in AD but I am not having much luck. When I check Active Directory Users and Computers MMC, I see:
and so on. What I need is all security groups in Group1_1_2. I tried using DirectoryEntry and DirectorySearcher using "(&(objectClass=group))" as search filter but I get things I can't even find in Active Directory Users and Computers MMC.
May 24, 2013 06:34 PM|smirnov|LINK
Use LDAP tools, e.g. LDAP Browser where you can test "(&(objectClass=group))"
To get nested groups for Group1_1_2 your search request should include uid= or cn= and must be something like
but again you can see it exactly in LDAP Browser.
May 28, 2013 09:34 AM|NoBullMan|LINK
Thank you for the reply smirnov. I downloaded the tool and chcekd the AD structure. What I see is soething like this:
DC = <domain name>
OU = Group1_2_1
In the code I have:
string strPath = "LDAP://<domain Name>.ABC.DEF.COM";
// Binding object.
DirectoryEntry objADAM = default(DirectoryEntry);
// Group Results.
DirectoryEntry objGroupEntry = default(DirectoryEntry);
// Search object.
DirectorySearcher objSearchADAM = default(DirectorySearcher);
// Results collection.
SearchResultCollection objSearchResults = default(SearchResultCollection);
// Construct the binding string.
List<string> result = new List<string>();
// Get the AD LDS object.
objADAM = new DirectoryEntry(strPath);
catch (Exception e)
// Get search object, specify filter and scope,
// perform search.
objSearchADAM = new DirectorySearcher(objADAM);
//objSearchADAM.Filter = "(memberOf:1.2.840.1135188.8.131.521:=OU=Group1_2_1)";
objSearchADAM.Filter = "(&(objectCategory=group)(OU=Group1_2)(OU=Grpup1_2_1))";
objSearchADAM.SearchScope = SearchScope.Subtree;
objSearchResults = objSearchADAM.FindAll();
objSearchResults alwyas has a count of 0.
May 28, 2013 10:36 AM|smirnov|LINK
I don't think that objSearchADAM.Filter = "(&(objectCategory=group)(OU=Group1_2)(OU=Grpup1_2_1))"; is correct. It should be
objSearchADAM.Filter = "(&(objectCategory=group)(OU=Grpup1_2_1))";
May 28, 2013 12:09 PM|NoBullMan|LINK
I had tried that as well but it did not return anythinh. I had to use
as the path string for DirectoryEntry and then just use (objectcategory=group) as search filter.