
I need a way in C# to find user IDs that are part of a particular AD Group, and if a user is part of the AD group return true.

What I have so far, from "Getting users list from an AD Group", is:

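using System;
using System.DirectoryServices.AccountManagement;

private Boolean IsMemberPartOfGroup(String groupName)
{
    var ctx = new PrincipalContext(ContextType.Domain);
    // fetch your group
    var group = GroupPrincipal.FindByIdentity(ctx, groupName);
    // a group that cannot be found has no members
    return group != null && this.IsMemberPartOfGroup(group);
}

private Boolean IsMemberPartOfGroup(GroupPrincipal group)
{
    var found = false;
    // enumerate over the group's members
    foreach (var p in group.Members)
    {
        if (String.CompareOrdinal("group", p.StructuralObjectClass) == 0)
        {
            // nested group: recurse into it and keep the result
            var g = p as GroupPrincipal;
            found = this.IsMemberPartOfGroup(g);
        }
        else if (p.Guid == UserPrincipal.Current.Guid)
        {
            found = true;
        }
        if (found)
        {
            break;
        }
    }
    return found;
}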

The problem is if a member of a group is another group. Anyone that is part of the inner group that is a member of the outer group should be considered authorized.

Is there a better way to do this?

BladeHal

0 Answers
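An added example, not part of the original post: one way to treat members of inner groups as authorized is to let `GroupPrincipal.GetMembers(true)` expand nested groups and compare SIDs, returning false when the user or group cannot be resolved. The class name `GroupAuthorization`, the method name `IsUserInGroup` and the group name `Example-App-Admins` are hypothetical.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

public static class GroupAuthorization
{
    // True when the user is a direct or nested member of the group.
    // Fails closed: an unknown user or an unknown group yields false.
    public static bool IsUserInGroup(string samAccountName, string groupName)
    {
        using (var ctx = new PrincipalContext(ContextType.Domain))
        using (var user = UserPrincipal.FindByIdentity(
                   ctx, IdentityType.SamAccountName, samAccountName))
        using (var group = GroupPrincipal.FindByIdentity(ctx, groupName))
        {
            if (user == null || group == null)
            {
                return false;
            }

            // GetMembers(true) walks nested groups and returns only leaf
            // principals, so no hand-written recursion is needed.
            using (var members = group.GetMembers(true))
            {
                foreach (Principal p in members)
                {
                    using (p)
                    {
                        // Compare by SID rather than by display name.
                        if (p.Sid != null && p.Sid.Equals(user.Sid))
                        {
                            return true;
                        }
                    }
                }
            }
            return false;
        }
    }

    public static void Main()
    {
        // "Example-App-Admins" is a placeholder group name (assumption).
        bool allowed = IsUserInGroup(Environment.UserName, "Example-App-Admins");
        Console.WriteLine(allowed ? "authorized" : "denied");
    }
}
```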