Filter users by attribute

Question

This gives a list of UserPrincipals from our ActiveDirectory where Users are in group "x":

var domainContext = new PrincipalContext(ContextType.Domain);
var groupPrincipal = GroupPrincipal.FindByIdentity(domainContext, IdentityType.SamAccountName, "x");

Now how would I filter the users in this list by a custom attribute? All users have an entry in the custom property "Building", and I want to the list to contain only users from a certain building.

SOLUTION

stupid me ... cast the members from groupPrincipal to DirectoryEntry, then access properties ..

        foreach (var member in groupPrincipal.Members)
        {
            // maybe some try-catch ..
            System.DirectoryServices.DirectoryEntry i = (System.DirectoryServices.DirectoryEntry)member.GetUnderlyingObject();
            if (i.Properties["building"].Value.toString() == "NSA HQ")
            {
                // Do stuff here
            }

        }

http://stackoverflow.com/questions/7151770/retrieve-ad-custom-attribute-in-one-batch may help. — mswietlicki, Aug 26 '13 at 15:22
thanks, I've edited my question .. post as answer and I'll vote it. — peter, Aug 26 '13 at 15:34

score 1 · Accepted Answer · edited May 23 '17 at 12:21

1

Yes, you may use member.GetUnderlyingObject()

var members = groupPrincipal.Members.Where(member=>(member.GetUnderlyingObject() as DirectoryEntry).Properties["building"].Value.ToString() == "NSA HQ");

as pointed out in Retrieve AD Custom Attribute in One Batch

edited May 23 '17 at 12:21

Community

1
1

answered Aug 26 '13 at 15:46

mswietlicki

1,413
12
16

Filter users by attribute

1 Answers1