Retrieve all the users in an Active Directory group using C#

c# active-directory active-directory-group
Ben Aston picture Ben Aston · Jan 20, 2010 · Viewed 12k times · Source

How do I retrieve the users in a given AD group?

Do I start by instantiating a PrincipalContext with a domain, username and password?

Answer

tvanfosson picture tvanfosson · Jan 20, 2010

First, find the group. Then enumerate its users using GetMembers().

using (var context = new PrincipalContext( ContextType.Domain ))
{
     using (var group = GroupPrincipal.FindByIdentity( context, "groupname" ))
     {
           var users = group.GetMembers( true ); // recursively enumerate
           ...
     }
}

Note that there is a bug, fixed in .NET 4.0, where it will fail to enumerate more than 1500 members of the group. If you have a large group you need to use an alternative method taking advantage of the older methods in System.DirectoryServices.

Related questions

See if user is part of Active Directory group in C# + Asp.net

I need a way to see if a user is part of an active directory group from my .Net 3.5 asp.net c# application. I am using the standard ldap authentication example off of msdn but I don't really see how …

Read More
Adding and removing users from Active Directory groups in .NET

I am writing the following methods to add and remove users from active directory in C#. void AddUserToGroup(string userId, string groupName); void RemoveUserFromGroup(string userId, string groupName); How best to implement these methods? Here is some code from CodeProject. …

Read More
Listing All Active Directory Groups

The following code lists some, but not all, Active Directory Groups. Why? I am trying to list all security groups, distribution groups, computer groups etc. Have I specified the wrong objectClass? private static void ListGroups() { DirectoryEntry objADAM = default(DirectoryEntry); DirectoryEntry …

Read More