.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

working with Active Directory groups

Posted By:      Posted Date: October 01, 2010    Points: 0   Category :ASP.Net


I don't know much about active directory groups and programming with AD.  Now I am working on a project which will have 5 to 6 links to otherweb pages and I want to give access to these pages based on the logged in users.

So I am implementing a administration project to give access to these web pages and planned to keep all the application names in one table and all the users in another table. When ever a person or group needs access to a single project, I want to add them through another screen linking users to applications and store it in a table. When user tries opening the web page in the project then it needs to verify the logged in user in the table and display the project if it has a entry for the user with the application.

I am planning to implement some thing like below

Applications Table




Users Table





Link Application to User




When user logs in verify the above table to check if user with the application is available and display the web page required.


To do this I need to store all the employees details in the company from different AD groups into the users

View Complete Post

More Related Resource Links

Maintain users and groups list of Active Directory for an asp.net web application only

Hi, I have configured active directory in my server 2008. We have a web project using asp.net mvc named Audit planning and Execution Software(Apex2).What we want to do is to authenticate Active directory users for this project.I can get all active directory users, groups, users of a group etc.I want to add users in active directory for the Apex2 project only using asp.net.I also want to display only the users and groups of Active Directory registered with the Apex2 project only. And I also want to add active directory users from whole AD list to our project's AD list. Can you please tell me, how will I do this. Shall I create an Organizational Unit and maintain all users and groups there for our project? Or, is there any other way to do this?  please help me.Thank You

how to create groups for the active directory

hello guys,For my web application i have use the directory services to authenticate the users ,every thing works gr8 ,but now i would like to create groups for the active directory and add users to the groups ,is it possible,if yes please help me out .i am using visual studio 2010 web application C#.

Unable to see Active Directory Groups in the User Profile Database after Profile Import

SharePoint Server 2010 Enterprise RTM. W2K8R2 w/multi-server setup: AD/DNS SQL 2008 WFE APP Claims Mode Web App only using Windows Integrated Auth So, this was never a problem in 2007, and I didn't even realize it was a problem in 2010 until I started to build a solution that utilized my blog article: InfoPath - User Roles in Browser-Enabled Forms Using AD Groups.  I went to utilize the same web method of the same web service, but I noticed that no data was showing up at all.  Typically, the GetUserMembership/GetCommonMembership methods return the specified user's memberships: AD Security Groups, AD Distribution Lists, and SharePoint Sites (not SharePoint Groups, though). My user profile sync is working.  All AD users are pulled in with the proper profile data. "Users and Groups" is selected in the Synchronization Entities section of my Sync Settings. Security groups are working for permissions and audience targeting.  Confirmed my users are affected properly by the use of Security Groups. My query to the GetUserMemberships web method (and GetCommonMemberships) is running (not failing), but it's not returning anything even though my user is in some Security Groups and has explicit membership to multiple sites. The GetUserProfileByName method of the same UserProfileService.asmx web service returns all the regular profile data

Building Groups in Active Directory versus Using SharePoint Groups



Can someone point me to an article or blog that discusses the pros and cons of setting groups (owner, full control, contributor, read only) in the Active Directory verus just connecting MOSS 2007 to the AD and building the groups directly in MOSS?  MOSS 2007 only.  Is there any functionality that is lost by building the groups in AD and adding people there rather than building groups in MOSS and adding people there?


Thanks! Patti N.

Too many groups/using Active Directory group as a member?



Joined a new organization that just adopted sharepoint. to manage users, they've created three primary groups - SharePoint Owners, SharePoint  Members, and SharePoint Visitors. The SharePoint Visitors group contains only one member - an Active Directory group that contains all of the members of our department. The reson for this is so that when new employees join and old employees leave the Our Department Active Directory group, they automatically are added to the SharePoint group SharePoint Visitors and have access to SharePoint and the appropriate permissions.

People from another Active Directory group (internal customers) are selected individually and placed in their appropriate groups.

Our department is broken down into 27 teams or "Tasks." Each Task has Task Members, Managers and Customers (and SharePoint groups to reflect those). Thus, our department has 81 user groups under it. On the site, all of the user groups except the owners are given limited access, and can only read or contribute on a per Document Library or per Document basis.

In our Task Reports document library, the managers are given contribute status and the employees are given limited status. Employees are only given contribute access to the Task report for their specific task.

Here's a graphical map:

How to set SearchRoot Path in Active Directory in this scenario


How to set SearchRoot Path in Active Directory in this scenario:

Functionality: We have scenario that 1<sup>st</sup> hit one LDAP server with some 'fixed user name' &' fixed password ' and filter data with specific User name(which given by user) getting 'User dn'.

After that we hit Next LDAP server based on the 'User dn' getting from 1<sup>st</sup> server.

(So, in my case 1<sup>st</sup> LDAP server works like as Load balancing server but functionalitywise it is different)


active directory exception unusual behaviour


i have a small problem
i want user names from active directory for an auto completer type of service
the method is always throwing an exception 
"searcher.FindAll()' threw an exception of type 'System.DirectoryServices.DirectoryServicesCOMException' System.DirectoryServices.SearchResultCollection 

Active Directory and .NET: paging the search result

Hi everybody!

I have a question about Active Directory in .NET
For my project I need to fetch results from Active Directory search page by page, because later I would need to bind it to the pageable DataGrid.

I tried to use .NET library DirectoryServices for that, but paging provided by this library is transparent to the user and is used only to increase the efficiency of searching, when results are too big. I.e. I cannot tell the DirectorySearcher to give me first page, then the next or previous page, it returns me all resulting pages in one bundle.

However, what I need is to explicitely get page after page directly from the AD searcher and to be able to go at least one page forward or backward.

The solution with copying all results to the DataBase and then do the paging is not accepeted by the clent, since it is too inefficient. And since it's a Web app, I cannot keep results in memory either.

I found some hints about COM Interface, but I could not find good and detailed examples or explanations. I aslo found this line of code: DirectoryServices.Interop.IDirectorySearch.ExecuteSearch(), but I don't know which libraries should i add to be able to compile this code.

If somebody could help me out with that problem, any suggestion is welcome, 'cause this issue is eating me alive :)

Thank you!

Error on Display user's fullname using Active Directory in asp.net using vb.net



wi As System.Security.Principal.WindowsIdentity =  _System.Security.Principal.WindowsIdentity.GetCurrent()



Dim a As String() = HttpContext.Current.User.

Getting list of users reporting from specific Manager from Active Directory


Dear All,

I am have requirement like displaying all the user information reporting to specific manager from Active Directory.

Please help me regarding this.



List Users from Active Directory


When i try to List the users from Active directory, i get this exception.

Error while processing.System.Runtime.InteropServices.COMException (0x80072020): An operations error occurred at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) at System.DirectoryServices.DirectorySearcher.FindAll()

The code i used is :

DirectoryEntry de = new DirectoryEntry(_path);DirectorySearcher deSearch = new DirectorySearcher();

deSearch.SearchRoot =de;

deSearch.Filter = "(&(objectClass=user) (cn=" + UserName +"))";

SearchResultCollection results = deSearch.FindAll();

 But the DirectoyEntry method is getting validated if i use the overloaded method : DirectoryEntry(_path, domainAndUsername, password);

Please advice me.

AD FS 2.0 in Identity Solutions: Using Active Directory Federation Services 2.0 in Identity Solution


This article explains how you can use Active Directory Federation Services (AD FS) 2.0 to claims-enable Windows Communication Foundation (WCF) services and browser-based applications. The focus is on the token issuance functionality in AD FS 2.0. You'll find out how to use AD FS 2.0 as an identity provider; set up an AD FS 2.0 security token service (STS) to interact with WCF; federate AD FS 2.0 with your custom STS or another AD FS 2.0; enable Web single sign-on and federation with WS-Federation and SAML 2.0 protocols; and externalize authentication logic through Visual Studio. You'll come away appreciating how AD FS 2.0 and Windows Identity Foundation make programming identity solutions in Windows less of a chore.

Zulfiqar Ahmed

MSDN Magazine November 2009

Security Briefs: Active Directory Cache Dependencies


If you're not taking advantage of Active Directory, you should be. Learn the benefits from Keith Brown.

Keith Brown

MSDN Magazine July 2007

Single Sign-On: A Developer's Introduction To Active Directory Federation Services


Use Active Directory Federation Services to allow other organizations to use your Web applications without the need for you to grant access explicitly.

Keith Brown

MSDN Magazine November 2006

Got Directory Services?: New Ways to Manage Active Directory using the .NET Framework 2.0


System.DirectoryServices is a managed code layer on top of Active Directory Service Interfaces, and you can employ it to better manage Active Directory from your code. Here Ethan Wilansky helps you get started.

Ethan Wilansky

MSDN Magazine December 2005

Active Directory and ASP.net VB




Real newbie question :-)


I currently get the current logged on user info from AD by using :

Label1.Text = Page.User.Identity.Name.ToString
However now I need to get the following :
Label2 = (this must show the current logged on user's email address)
Label3 = (this must show the current user's manager)

any help would be appreciated

UpdateListItems Webservice is not working on Photo directory in blogsite



   I have created a site using the standard blogsite template. By default it contains a picture library named "Photos". I want to create a new folder in this library using the UpdateListItems Webservice. But I am getting an exception saying "The file name you specified could not be used.  It may be the name of an existing file or directory, or you may not have permission to access the file." But there is not file/folder with the name I am specifying. I am using the following query to create the folder



  <Batch PreCalc="TRUE" OnError="Continue" RootFolder="/forexp/Photos">

  <Method ID="1" Cmd="New">

  <Field Name="ID">New</Field> 

  <Field Name="FSObjType">1</Field> 

  <Field Name="FileRef">/blogsite/Photos/TestFolder</Field> 




Please note that I can create the folder using the web interface. I also created a new picture library in the same site and used the same above query to create the folder and I am able to create the folder.


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend