Last post Dec 08, 2017 11:03 PM by RBennett010
Dec 08, 2017 10:42 PM|RBennett010
I'm still fairly new to .NET, and am hoping someone can shed some light on a weird issue I'm having. I'm trying to write a method that can accept the name of an Active Directory computer, user, or group, and spit back the nested/recursive list of group memberships that object belongs to.
Right now I've got it giving me 121 entries, when it should be giving me 135. I can't figure out why I'm not getting everything.
Can someone tell me if there's something wrong with my code?
public List<string> EnumerateAllGroupMemberships(string objectName)
{
    List<string> groupsList = new List<string>();
    using (DirectoryEntry directoryEntry = CreateDirectoryEntry(myDomainRoot))
    using (DirectorySearcher directorySearcher = new DirectorySearcher())
    {
        directorySearcher.SearchRoot = directoryEntry;
        GetGroupMembershipsRecursively(directorySearcher, objectName, groupsList);
    }
    return groupsList;
}

private void GetGroupMembershipsRecursively(DirectorySearcher directorySearcher, string objectName, List<string> groupsList)
{
    directorySearcher.Filter = "(name=" + objectName + ")";
    SearchResult result = directorySearcher.FindOne();
    if (result != null)
    {
        var memberOfCollection = result.Properties["memberOf"];
        foreach (var entry in memberOfCollection)
        {
            string groupDN = entry.ToString();
            if (!groupsList.Contains(groupDN)) //Skip groups that have already been found
            {
                groupsList.Add(groupDN);
                string groupName = GetNameFromDN(groupDN);
                GetGroupMembershipsRecursively(directorySearcher, groupName, groupsList);
            }
        }
    }
}
Dec 08, 2017 11:03 PM|RBennett010
It never seems to fail... Post on a forum, spend five more minutes looking at the code and go "ah-ha!". Turned out I had to switch from "name" in my filter to "distinguishedName", and then the counts looked better. Now I can clean up the methods a little
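An added example, not the poster's code: the same walk keyed on distinguishedName, as the follow-up describes, with the DN escaped per RFC 4515 before it is concatenated into the filter. The `memberOfByFilter` delegate, the class name and the sample directory are constructed for illustration; the `name` attribute is only unique within its container, so the sample includes two groups that share a name.

```csharp
using System;
using System.Collections.Generic;
using System.Text;

static class GroupWalk
{
    // RFC 4515: escape characters that have meaning inside a search filter.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
            if (c == '\\' || c == '*' || c == '(' || c == ')' || c == '\0')
                sb.Append('\\').Append(((int)c).ToString("x2"));
            else
                sb.Append(c);
        return sb.ToString();
    }

    // memberOfByFilter (hypothetical delegate): runs one search and returns
    // the memberOf DNs of the matching object, or an empty sequence.
    public static HashSet<string> Expand(string startDn,
        Func<string, IEnumerable<string>> memberOfByFilter)
    {
        var seen = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
        var pending = new Stack<string>();
        pending.Push(startDn);
        while (pending.Count > 0)
        {
            string filter = "(distinguishedName=" + EscapeFilterValue(pending.Pop()) + ")";
            foreach (string groupDn in memberOfByFilter(filter))
                if (seen.Add(groupDn)) pending.Push(groupDn); // Add is false on repeats, so cycles end
        }
        return seen;
    }

    static void Main()
    {
        // Constructed directory: two groups are both named "Admins", and the nesting loops.
        const string Dc = ",DC=example,DC=test";
        var dir = new Dictionary<string, string[]>();
        void Put(string dn, params string[] memberOf) =>
            dir["(distinguishedName=" + EscapeFilterValue(dn) + ")"] = memberOf;
        Put("CN=pc01,OU=PCs" + Dc, "CN=Admins,OU=A" + Dc, "CN=Admins,OU=B" + Dc);
        Put("CN=Admins,OU=A" + Dc, "CN=Ops (EU),OU=A" + Dc);
        Put("CN=Admins,OU=B" + Dc, "CN=Admins,OU=A" + Dc);
        Put("CN=Ops (EU),OU=A" + Dc, "CN=Admins,OU=B" + Dc);
        var groups = Expand("CN=pc01,OU=PCs" + Dc,
            f => dir.TryGetValue(f, out var m) ? m : new string[0]);
        foreach (string g in groups) Console.WriteLine(g);
    }
}
```

Against a live directory, the delegate would set `DirectorySearcher.Filter`, call `FindOne()` and return the `memberOf` values from `result.Properties`.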