Console application to print AD and TFS Groups of Specific user by inputing username and collection url
Question
namespace TFSGroupMembersFast
{
class Program
{
static Dictionary<IdentityDescriptor, TeamFoundationIdentity>
m_identities =
new Dictionary<IdentityDescriptor, TeamFoundationIdentity>
(IdentityDescriptorComparer.Instance);
static List<TeamFoundationIdentity> m_groups = new
List<TeamFoundationIdentity>();
static string uname;
static IIdentityManagementService _ims;
static List<string> grname = new List<string>();
static void Main(string[] args)
{
Console.WriteLine("Enter TFS server or project collection Url");
Console.Write("e.g. http://localhost:8080/tfs/defaultcollection: ");
Console.WriteLine();
string address = Console.ReadLine();
Console.WriteLine();
Console.WriteLine("Enter Team Project Uri for project scope, else
empty string");
Console.Write("e.g. vstfs:///Classification/TeamProject/****: ");
string projectUri = Console.ReadLine();
Console.WriteLine();
Console.WriteLine("Enter user name:");
uname = Console.ReadLine();
DateTime startTime = DateTime.Now;
TfsTeamProjectCollection tfs = TfsTeamProjectCollectionFactory.GetTeamProjectCollection(TfsTeamProjectCollection.GetFullyQualifiedUriForName(address));
_ims = tfs.GetService<IIdentityManagementService>();
if (string.IsNullOrEmpty(projectUri))
{
TeamFoundationIdentity group =
_ims.ReadIdentity(GroupWellKnownDescriptors.EveryoneGroup,
MembershipQuery.Direct, ReadIdentityOptions.None);
m_identities[group.Descriptor] = group;
m_groups.Add(group);
// Get expanded membership of the Valid Users group, which is all
identities in this host
group =
_ims.ReadIdentity(GroupWellKnownDescriptors.EveryoneGroup,
MembershipQuery.Expanded, ReadIdentityOptions.None);
FetchIdentities(group.Members);
}
else
{
// Get all groups in this project
TeamFoundationIdentity[] projectGroups =
_ims.ListApplicationGroups(projectUri, ReadIdentityOptions.None);
Dictionary<IdentityDescriptor, object> descSet = new Dictionary<IdentityDescriptor, object>(IdentityDescriptorComparer.Instance);
foreach (TeamFoundationIdentity projectGroup in projectGroups)
{
descSet[projectGroup.Descriptor] = projectGroup.Descriptor;
}
// Expanded membership of project groups
projectGroups = _ims.ReadIdentities(descSet.Keys.ToArray(),
MembershipQuery.Expanded, ReadIdentityOptions.None);
// Collect all descriptors
foreach (TeamFoundationIdentity projectGroup in projectGroups)
{
foreach (IdentityDescriptor mem in projectGroup.Members)
{
descSet[mem] = mem;
}
}
FetchIdentities(descSet.Keys.ToArray());
}
// Now output groups and their members.
foreach (TeamFoundationIdentity identity in m_groups)
{
Write(identity);
}
Console.WriteLine(String.Format("======= Finished reading {0}
identities in {1} minutes",
m_identities.Count, (DateTime.Now - startTime).TotalMinutes));
for (int i = 0; i < grname.Count; i++)
{
Console.WriteLine(grname[i]);
}
Console.ReadLine();
}
static void FetchIdentities(IdentityDescriptor[] descriptors)
{
TeamFoundationIdentity[] identities;
// If total membership exceeds batch size limit for Read, break it up
int batchSizeLimit = 100000;
if (descriptors.Length > batchSizeLimit)
{
int batchNum = 0;
int remainder = descriptors.Length;
IdentityDescriptor[] batchDescriptors = new
IdentityDescriptor[batchSizeLimit];
while (remainder > 0)
{
int startAt = batchNum * batchSizeLimit;
int length = batchSizeLimit;
if (length > remainder)
{
length = remainder;
batchDescriptors = new IdentityDescriptor[length];
}
Array.Copy(descriptors, startAt, batchDescriptors, 0,length);
identities = _ims.ReadIdentities(batchDescriptors,
MembershipQuery.Direct, ReadIdentityOptions.None);
SortIdentities(identities);
remainder -= length;
}
}
else
{
identities = _ims.ReadIdentities(descriptors,
MembershipQuery.Direct, ReadIdentityOptions.None);
SortIdentities(identities);
}
}
static void SortIdentities(TeamFoundationIdentity[] identities)
{
foreach (TeamFoundationIdentity identity in identities)
{
m_identities[identity.Descriptor] = identity;
if (identity.IsContainer)
{
m_groups.Add(identity);
}
}
}
static void Write(TeamFoundationIdentity group)
{
// Output this group's membership
Console.WriteLine("Members of group: {0}", group.DisplayName);
Console.WriteLine("=================");
foreach (IdentityDescriptor memDesc in group.Members)
{
Console.WriteLine(m_identities[memDesc].DisplayName);
if (m_identities[memDesc].DisplayName == uname)
{
grname.Add(group.DisplayName);
}
}
Console.WriteLine();
}
}
}
I got the groups the user belong but i want to differentiate the groups as AD Group and TFS Group
1 answers
solution1
0 2018-06-20 08:41:40
Based on my test, in TFS the AD groups will map to TFS Group first, So no elements to differentiate the groups as AD Group and TFS Group
However we can differentiate the users as local or domain user:
using Microsoft.TeamFoundation.Client;
using Microsoft.TeamFoundation.Server;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace GetUser
{
class Program
{
static void Main(string[] args)
{
TfsTeamProjectCollection tfs = new TfsTeamProjectCollection(new Uri("http://server:8080/tfs/DefaultCollection"));
tfs.EnsureAuthenticated();
IGroupSecurityService gss = tfs.GetService<IGroupSecurityService>();
Identity SIDS = gss.ReadIdentity(SearchFactor.AccountName, "Project Collection Valid Users", QueryMembership.Expanded);
Identity[] UserId = gss.ReadIdentities(SearchFactor.Sid, SIDS.Members, QueryMembership.Direct);
foreach (Identity user in UserId)
{
if (user != null)
{
Console.WriteLine(user.AccountName);
Console.WriteLine(user.Domain);
}
}
Console.ReadKey();
}
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
C# Console Application - Get Current User AD Groups
How to get AD groups a user is in specifying username and domain
AD Groups for Windows User
Get user groups in AD with nested groups
azure AD Security groups of a User
Getting a list of AD Groups a user is in
check user in ad groups within groups
Allow user to sign in by Azure AD username and password
Checking for User Membership in Nested AD Groups
User AD groups not returned when deployed to IIS
Related Tags