C# - Active Directory Group Filter

Question

I'm using this code to filter the groups of my active directory domain:

List<Department> result = new List<Department>();
using (PrincipalContext ctx = getContext())
{
    GroupPrincipal gp = new GroupPrincipal(ctx);
    PrincipalSearcher search = new PrincipalSearcher(gp);
    result = (from g in search.FindAll()
                where !g.DistinguishedName.Contains("CN=Builtin")
                select new Department()
                {
                    name = g.Name,
                    description = g.Description
                }).ToList();
}
return result;

As you can see, I already filter the ones that are included by the system, the builtin ones. But the system has some othes, like the ones created by SQL Server. I need to know if there is a way to show only the ones that were created by the server administrator. Is there a way to do that?

This is my getContext code:

public PrincipalContext getContext()
{
    return new PrincipalContext(ContextType.Domain, WebConfigurationManager.AppSettings["SERVER"].ToString(), WebConfigurationManager.AppSettings["DOMAIN"].ToString() + @"\" + WebConfigurationManager.AppSettings["USER"].ToString(), WebConfigurationManager.AppSettings["PASSWORD"].ToString());
}

And the values on the server are these:

<add key="SERVER" value="192.168.1.2"/>
<add key="DOMAIN" value="intra"/>
<add key="USER" value="xxxxx"/>
<add key="PASSWORD" value="xxxxxxx"/>

score 0 · Answer 1 · answered Apr 11 '14 at 21:23

0

The groups that SQL Server creates are local groups on your machine only - they aren't in Active Directory. You'll need to search your local store for those. Open up Local Users & Groups to see those objects.

answered Apr 11 '14 at 21:23

Cam Bruce

5,632
19
34

hum... And how can I filter only the AD groups? 'couse I'm getting all the groups in the system – DanielD Apr 11 '14 at 21:27
This is what i receive for the SQL group: Name:"SQLServerDTSUser$SERVIDOR" Description:"Members in the group have the required access and privileges to be assigned as the log on account for the associated instance of SQL Server Integration Services in SQL Server 2008." – DanielD Apr 11 '14 at 21:29
Yes, that is a group on your machine - it's not in the central active directory – Cam Bruce Apr 11 '14 at 21:34
Ok. And how can I filter to get only the groups on the central active directory? – DanielD Apr 11 '14 at 21:38
can you post your `getcontext()` method? – Cam Bruce Apr 11 '14 at 21:39
the code you currently have is running against an AD server. – Cam Bruce Apr 11 '14 at 21:42
Ok, I didn't understand. Running against? – DanielD Apr 11 '14 at 21:49
You might want to take your `g.DistinguishedName.Contains("CN=Builtin")` filter off and see what returns. – Cam Bruce Apr 11 '14 at 21:55
I've already done that. In fact, the code is !g.DistinguishedName.Contains("CN=Builtin"). Sorry, wrote it wrong. – DanielD Apr 11 '14 at 21:57

C# - Active Directory Group Filter

1 Answers1