Check whether current user is a member of an active directory group

c# active-directory activedirectorymembership active-directory-group
Deepak picture Deepak · Feb 5, 2012 · Viewed 18.4k times · Source

I need to check whether current user is a member of an active directory group. I started with getting the current user as below. Now I want to know how to check this CurrentUser is in active directory group "CustomGroup"

string CurrentUser = WindowsIdentity.GetCurrent().Name;

Answer

JPBlanc picture JPBlanc · Feb 6, 2012

You can use the .NET 3.5 System.DirectoryServices.AccountManagement classes. See the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 for details. You can use something like:

string CurrentUser = WindowsIdentity.GetCurrent().Name;

PrincipalContext context = new PrincipalContext(ContextType.Domain, "Domain");
UserPrincipal upUser = UserPrincipal.FindByIdentity(context, CurrentUser);
if(upUser != null)
{
    if (upUser.IsMemberOf(context, IdentityType.SamAccountName, "CustomGroup")) 
    {
        // The user belongs to the group
    }
}

Related questions

Query From LDAP for User Groups

How To Get User group of user from LDAP active directory in C# .NET for ASP. In my Scenario I want to Pass user name to method which query from LDAP Active directory and tell me my user is Member …

Read More
PrincipalContext.ValidateCredentials always returns FALSE

I have an MVC application that needs to login and verify a user against Active Directory. I am using the PrincipalContext.ValidateCredentials method but always get a authentication of false. Connecting to the Server is fine. The problem seems to …

Read More
Query Active Directory from ASP.NET and bind result to List View

I managed to do ASP.NET authentication work wih AD. Now, I want to query an OU in AD and display the result either ListView or GridView in ASP.NET page. Here's the Domain Controller: dc.itlab.edu The OU: …

Read More