The below code gets me the users in the group but it is returned "CN=johnson\\,Tom,OU=Users,OU=Main,DC=company,DC=com"
I want to just return the First and Last name. How can I accomplish this?
DirectoryEntry ou = new DirectoryEntry();
DirectorySearcher src = new DirectorySearcher();
src.Filter = ("(&(objectClass=group)(CN=Gname))");
SearchResult res = src.FindOne();
if (res != null)
{
DirectoryEntry deGroup = new DirectoryEntry(res.Path);
PropertyCollection pcoll = deGroup.Properties;
foreach (object obj in deGroup.Properties["member"])
{
ListBox1.Items.Add(obj.ToString());
}
}
I prefer using the classes in System.DirectoryServices.AccountManagement:
PrincipalContext principalContext = new PrincipalContext(ContextType.Domain);
GroupPrincipal group = GroupPrincipal.FindByIdentity(principalContext, "GName");
Search through the group.Members property until you have a Principal that you want. Then extract the name like this:
foreach (Principal principal in group.Members)
{
string name = principal.Name;
}
Using your code, the givenName ( first name ) and sn ( last name ) properties should work.
If you use the System.DIrectoryServices.AccountManagement namespace UserPrincipal (as @russell-mcclure suggested), you will find GivenName and Surname properties also.
AccountManagement is very handy unless you have to traverse a trusted forest and need the global catalog to find the user.
This is a PowerShell script that I made to do it without using the AccountManagement classes. It should be easy enough to translate it to C#:
[void][System.Reflection.Assembly]::LoadWithPartialName("System.DirectoryServices");
$groupName = "Grupo Domain";
$directoryEntry = New-Object System.DirectoryServices.DirectoryEntry;
$directorySearcher = New-Object System.DirectoryServices.DirectorySearcher($directoryEntry, "(&(objectClass=group)(CN=$groupName))");
[void]$directorySearcher.PropertiesToLoad.Add("objectSid");
[void]$directorySearcher.PropertiesToLoad.Add("member");
$result = $directorySearcher.FindOne();
if ($result -eq $null) { return; }
# Try get the group members through the "member" property.
if ($result.Properties["member"].Count -gt 0) {
foreach ($member in $result.Properties["member"]) {
$memberSearcher = New-Object System.DirectoryServices.DirectorySearcher($directoryEntry, "(&(objectClass=*)(distinguishedName=$member))");
[void]$memberSearcher.PropertiesToLoad.Add("msDS-PrincipalName");
$memberResult = $memberSearcher.FindOne();
if ($memberResult -eq $null) { continue; }
Write-Output $memberResult.Properties["msDS-PrincipalName"];
}
return;
}
if ($result.Properties["objectSid"].Count -gt 0) {
# The group might be an AD primary group. Try get the members by the PrimaryGroupID.
$groupSid = New-Object System.Security.Principal.SecurityIdentifier($result.Properties["objectSid"][0], 0);
# Hacky way to get only the last RID.
$primaryGroupSid = $groupSid.Value.Replace($groupSid.AccountDomainSid.ToString(), [String]::Empty).TrimStart('-');
$memberSearcher = New-Object System.DirectoryServices.DirectorySearcher($directoryEntry, "(&(objectClass=*)(primaryGroupId=$primaryGroupSid))");
[void]$memberSearcher.PropertiesToLoad.Add("msDS-PrincipalName");
$memberResult = $memberSearcher.FindAll();
if ($memberResult -eq $null) { continue; }
foreach ($member in $memberResult) {
Write-Output $member.Properties["msDS-PrincipalName"];
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.