Getting a list of AD Groups a user is in

Question

I have this;

PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, httpContext.User.Identity.Name);
PrincipalSearchResult<Principal> authgroups = user.GetAuthorizationGroups();
PrincipalSearchResult<Principal> userGroups = user.GetGroups();

And it works to a point. However the groups I am getting back don't really look like what I was expecting.

Using gpresult /V from the command prompt gives me a list that looks something like;

    BUILTIN\Administrators
    Everyone
    SQLServerMSSQLServerADHelperUser$ITVN1259
    BUILTIN\Users

But using the code gives me;

Name ( "zz.Enterprise Vault Users Group 3" )
Name ( "CM-InternetAccessUsers(C)-SZ" )

How do I get the same list as gpresult does?

Answer 1

I use something like this - I think you're only missing the SamAccountName part:

    public string[] Groups
    {
        get { return UserPrincipal.Current.GetAuthorizationGroups()
                                          .Select(e => e.SamAccountName)
                                          .ToArray(); }
    }

EDIT : Use GetAuthorizationGroups() instead of GetGroups() for a recursive search (only returns security groups, not distribution groups).