How to get foreignSecurityPrincipal from group using DirectorySearcher
Posted by kain64b on Stack Overflow
Published on 2013-06-25T10:13:04Z

What I tested with 0 results:
string queryForeignSecurityPrincipal = "(&(objectClass=foreignSecurityPrincipal)(memberof:1.2.840.113556.1.4.1941:={0})(uSNChanged>={1})(uSNChanged<={2}))";
sidsForeign = GetUsersSidsByQuery(groupName,
    string.Format(queryForeignSecurityPrincipal, groupPrincipal.DistinguishedName, 0, 0));

public IList<SecurityIdentifier> GetUsersSidsByQuery(string groupName, string query)
{
    List<SecurityIdentifier> results = new List<SecurityIdentifier>();
    try
    {
        using (var context = new PrincipalContext(ContextType.Domain, DomainName, User, Password))
        {
            using (var groupPrincipal = GroupPrincipal.FindByIdentity(context, IdentityType.SamAccountName,
                                                                      groupName))
            {
                // Walk up from the group object to the domain root (domainDNS)
                // so the search covers the whole domain.
                DirectoryEntry directoryEntry = (DirectoryEntry)groupPrincipal.GetUnderlyingObject();
                do
                {
                    directoryEntry = directoryEntry.Parent;
                }
                while (directoryEntry.SchemaClassName != "domainDNS");

                DirectorySearcher searcher = new DirectorySearcher(directoryEntry)
                {
                    SearchScope = System.DirectoryServices.SearchScope.Subtree,
                    Filter = query,
                    PageSize = 10000,
                    SizeLimit = 15000
                };
                searcher.PropertiesToLoad.Add("objectSid");
                searcher.PropertiesToLoad.Add("distinguishedname");

                using (SearchResultCollection result = searcher.FindAll())
                {
                    foreach (var obj in result)
                    {
                        if (obj != null)
                        {
                            // objectSid comes back as a byte[]; convert it to a SecurityIdentifier.
                            var valueProp = ((SearchResult)obj).Properties["objectSid"];
                            foreach (var atributeValue in valueProp)
                            {
                                SecurityIdentifier value = (new SecurityIdentifier((byte[])atributeValue, 0));
                                results.Add(value);
                            }
                        }
                    }
                }
            }
        }
    }
    catch (Exception e)
    {
        WriteSystemError(e);
    }
    return results;
}

I tested it on usual users with the query:
"(&(objectClass=user)(memberof:1.2.840.113556.1.4.1941:={0})(uSNChanged>={1})(uSNChanged<={2}))" and it works.
I tested with objectClass=* ... nothing helps. But if I call groupPrincipal.GetMembers, I get all foreign user accounts from the group. BUT groupPrincipal.GetMembers HAS A MEMORY LEAK.
Any idea how to fix my query?