Getting members of an AD group where result type is a custom derived UserPrincipal

Question

I've created my own derived UserPrincipal-type which is used to get some extended AD properties. This works fine.

Now I'm looking for a way to use the GetMembers() method of the groupprincipal object to return me a list of my custom UserPrincipal type.

A bit the same way FindByIdentityWithType works on the UserPrincipal where there's an overload on which you can specify your own PrincipalType.

Is there a way to do this on the GetMembers method?

score 4 · Answer 1 · answered May 03 '12 at 20:40

Instead of GroupPrincipal.GetMembers, I ended up using AdvancedSearchFilter to construct the LDAP memberof query.

    static void Main(string[] args)
    {
        using (var context = new PrincipalContext(ContextType.Domain))
        {
            var group = GroupPrincipal.FindByIdentity(context, IdentityType.Name, "Group Name");

            UserPrincipalEx qbe = new UserPrincipalEx(context);
            qbe.AdvancedSearchFilter.MemberOf(group);
            PrincipalSearcher searcher = new PrincipalSearcher(qbe);

            var all = searcher.FindAll().OfType<UserPrincipalEx>().ToList();

            foreach (var member in all)
            {
                Console.WriteLine(member.DisplayName);
            }
        }
    }

    public class UserPrincipalExSearchFilter : AdvancedFilters
    {
        public UserPrincipalExSearchFilter(Principal p) : base(p) { }

        public void MemberOf(GroupPrincipal group)
        {
            this.AdvancedFilterSet("memberof", group.DistinguishedName, typeof(string), MatchType.Equals);
        }
    }

    [DirectoryRdnPrefix("CN")]
    [DirectoryObjectClass("User")]
    public class UserPrincipalEx : UserPrincipal
    {
        private UserPrincipalExSearchFilter searchFilter;

        public UserPrincipalEx(PrincipalContext context)
            : base(context)
        {

        }

        public UserPrincipalEx(PrincipalContext context,
                             string samAccountName,
                             string password,
                             bool enabled)
            : base(context,
                   samAccountName,
                   password,
                   enabled)
        {
        }

        public new UserPrincipalExSearchFilter AdvancedSearchFilter
        {
            get
            {
                if (null == searchFilter)
                    searchFilter = new UserPrincipalExSearchFilter(this);

                return searchFilter;
            }
        }
    }

One (corrected) comment on this - you might be tempted to use qbe.IsMemberOf() instead of the extra search filter, but my experience was that didn't work. So don't do it. — MikeBaz - MSFT, Oct 08 '12 at 15:20

score 0 · Accepted Answer · answered Apr 10 '12 at 07:52

I did not manage to find an easy way to return custom userprincipals from the GetMembers function. I wasn't even able to convert the returned UserPrincipal to my custom userprincipal.

Finally I've solved this by getting all the users from my OU using the FindAll method on the PrincipalSearcher object and setting its queryfilter to a new type of my custom userprincipal.

Then checking each user whether or not it is a member of a group by using the GetGroups method of the base userprincipal class.

Getting members of an AD group where result type is a custom derived UserPrincipal

2 Answers2