Search Results

Search found 6976 results on 280 pages for 'who is active'.

Page 13/280 | < Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >

  • Space in search base OU causes error in Active Directory

    - by Jared Farrish
    Recently, while putting together some code to page Active Directory results beyond sizeLimit=1000, we ran into a strange behavior/bug of AD. Specifically, if we had an OU with a space in the search base, it caused an error: String base = "OU=Area X,OU=myserver,DC=my,DC=ad,DC=myserver,DC=com"; env.put(Context.PROVIDER_URL, "ldap://my.ad.myserver.com:389/" + base); This is the error we received: javax.naming.NamingException: [LDAP: error code 1 - 000020D6: SvcErr: DSID-031007DB, problem 5012 (DIR_ERROR), data 0 When we remove that OU, it works fine. What would cause this to occur? Do we need to encode the space somehow (+ and %20 only caused more issues)? Or is this generally illegal/unnecessary?

    Read the article

  • Active directory select and display with asp.net (oledb) (error code: DB_E_ERRORSINCOMMAND(0x80040E1

    - by Phil
    I am trying to make a page which displays some user information returned from active directory. Here is my code so far: Dim oConnection As OleDbConnection Dim oCmd As OleDbCommand Dim strADOQuery As String Dim oleReader As OleDbDataReader oConnection = New OleDbConnection() oCmd = New OleDbCommand() oConnection.ConnectionString = "Provider=ADsDSOObject;" oConnection.Open() oCmd.Connection = oConnection strADOQuery = "select distinguishedName, cn, givenname, sn, mail, middleName, displayName, description, telephonenumber, physicalDeliveryOfficeName, employeeID from 'LDAP://dc=foo,dc=ac,dc=uk' WHERE objectCategory='Person' AND objectClass='user' AND sAMAccountName='" & Uname & "'""" oCmd.CommandText = strADOQuery oCmd.CommandTimeout = 600 oCmd.ExecuteReader() While oleReader.Read ADDN = r("distinguishedName") ADCommonName = r("cn") ADFirstName = r("givenname") ADLastName = r("sn") ADEmail = r("mail") ADFirstandLast = r("displayName") ADDescription = r("description") ADTelephone = r("telephonenumber") ADOffice = r("physicalDeliveryOfficeName") ADStaffnum = r("employeeID") End While oConnection.Close() oleReader.Close() I'm finding it hard to see exactly what is wrong with the code. The error message presented is vague: 'ADsDSOObject' failed with no error message available, result code: DB_E_ERRORSINCOMMAND(0x80040E14). Any assistance would be greatly appreciated Thanks.

    Read the article

  • Symfony user authentication using Active Directory

    - by Radu Dragomir
    Is there a way to authenticate users in symfony apps using Active Directory? Can you please point out some documentation? edit What i need is to have a transparent login in my application. The user authenticates once at windows logon, then all applications should be accessed with the same credentials without being asked for the domain\username and password again. I tried the following in a simple php script: if (!isset($_SERVER['PHP_AUTH_USER'])) { header('WWW-Authenticate: Basic realm="my realm"'); header('HTTP/1.0 401 Unauthorized'); exit; } else { echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>"; echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>"; } but then i get the authentication form popped up. Is there any way to pass the header the credentials used at windows logon? Thanks, Radu.

    Read the article

  • What does sub error code 568 mean for Ldap Error 49 with Active Directory

    - by Dean Povey
    I am writing some Java code that authenticates to Active Directory using SASL GSSAPI. Mostly this code is working fine but for one user I am getting the response: javax.naming.AuthenticationException: [LDAP: error code 49 - 8 0090304: LdapErr: DSID-0C0904D1, comment: AcceptSecurityContext error, data 568, v1772 ] I know that 49 means this is an authentication failure, and that the relevant sub code is 568, but I am only aware of the following meanings for that data: 525 - user not found 52e - invalid credentials 530 - not permitted to logon at this time 532 - password expired 533 - account disabled 701 - account expired 773 - user must reset password So far I am unable to find an authorative source of these error codes from Microsoft (this list is pieced together from forum posts) and I can't find anything for that 568 error. Does anyone know what it means?

    Read the article

  • Accessing Active Directory Role Membership through LDAP using SQL Server 2005

    - by David Neale
    I would like to get a list of Active Directory users along with the security groups they are members of using SQL Server 2005 linked servers. I have the query working to retrieve records but I'm not sure how to access the memberOf attribute (it is a multi-value LDAP attribute). I have this temporary to store the information: DROP TABLE #ADUSERGROUPS CREATE TABLE #ADUSERGROUPS ( sAMAccountName varchar(30), UserGroup varchar(50) ) Each group/user association should be one row. This is my SELECT statement: SELECT sAMAccountName,memberOf FROM OpenQuery(ADSI, '<LDAP://hqdc04/DC=nt,DC=avs>; (&(objectClass=User)(sAMAccountName=9695)(sn=*)(mail=*)(userAccountControl=512)); sAMAccountName,memberOf;subtree') I get this error msg: OLE DB error trace [OLE/DB Provider 'ADSDSOObject' IRowset::GetData returned 0x40eda: Data status returned from the provider: [COLUMN_NAME=memberOf STATUS=DBSTATUS_E_CANTCONVERTVALUE], [COLUMN_NAME=sAMAccountName STATUS=DBSTATUS_S_OK]]. Msg 7346, Level 16, State 2, Line 2 Could not get the data of the row from the OLE DB provider 'ADSDSOObject'. Could not convert the data value due to reasons other than sign mismatch or overflow.

    Read the article

  • c# Active Directory via WMI

    - by Juri Bogdanov
    Hi! Does anyone has some example about accessing Active Directory, LDAP querying using WMI (System.Management namespace) and not System.DirectoryServices namespace. Here on MSDN page it is described a little using CIM classes http://msdn.microsoft.com/en-us/library/aa392320(v=VS.85).aspx But I cant find some C# example realizing it. For example, to access some Win32 class you have to initialize Scope object to use CIMV2 namespace private ConnectionOptions connection; private ManagementScope scope; ... connection = new ConnectionOptions(); ... scope = new ManagementScope("\\\\" + computer + "\\root\\CIMV2", connection); try { scope.Connect(); } And use ObjectQuery class for querying WMI data ObjectQuery objectQuery = new ObjectQuery("SELECT Name FROM Win32_Processor"); ManagementObjectSearcher searcher = ManagementObjectSearcher(scope, objectQuery); foreach (ManagementObject queryObj in searcher.Get()) { return queryObj["Name"].ToString(); } How is it possible to access AD using the same scope? Thanks :)

    Read the article

  • Reading Active Directory group users in SharePoint

    - by Faiz
    Hi, Say that i have an active directory group called "Group1". I add this Group1 to a SharePoint site ( People and Group New User). All the users that are part of Group1 can now access sharepoint site. Now,for a specific custom webpart, i need to target to only users who belong to Group1. But when a user who belongs to Group1 logs into the sharepoint site, i am not finding a way to determine from within SharePoint context if this user belongs to Group1. Any thoughts? Thanks, Faiz

    Read the article

  • Silverlight and Active Directory

    - by Refracted Paladin
    I am planning to familiarize(read teach) myself with Silverlight by building an in-house app for managing our employees. I, obviously, would need this to interact with Active Directory on some level. What are my options? Has anyone tried this before? I am currently going to explore using Services(WCF???) to do the AD interaction portion? Thoughts? There is also this SO Post on using PowerShell to interact with AD. Maybe that is a possibility? Thanks,

    Read the article

  • How do I use NTLM authentication with Active Directory

    - by Jon Works
    I am trying to implement NTLM authentication on one of our internal sites and everything is working. The one piece of the puzzle I do not have is how to take the information from NTLM and authenticate with Active Directory. There is a good description of NTLM and the encryption used for the passwords, which I used to implement this, but I am not sure of how to verify if the user's password is valid. I am using Coldfusion but a solution to this problem can be in any language (Java, Python, PHP, etc). Edit: I am using Coldfusion on Redhat Enterprise Linux. Unfortunately we cannot use IIS to manage this and instead have to write or use a 3rd party tool for this.

    Read the article

  • Impersonation in asp.net, confused about implmentation when used with Active Directory & Sql Server

    - by AWC
    I have an internal website that is using integrated windows authentication and this website uses sql server & active directory queries via the System.Directory.Services namespace. To use the System.Directory.Services namespace in ASP.NET I have to run IIS under an account that has the correct privileges and importantly have impersonation set to true in the web config. If this is done then when I make a query against AD then the credentials of the wroker process (IIS) are used instead of the ASPNET account and therefore the queries will now succeed. Now if I am also using Sql Server with a connection string configured for integrated security ('Integrated Security=SSPI') then this interprets the ASP.NET impersonation to mean that I want to access the database as the windows credentials of the request no the worker process. I hope I'm wrong and that I've got the config wrong, but I don't think I have and this seems not to be inconsistent? It should be noted I'm using IIS 5.1 for development and obivously this doesn't have the concept of app-pools which I believe would resolve the problem.

    Read the article

  • VBS Script for modifying multi-value Active Directory display specifier

    - by sh-beta
    Following the howto Extending the Active Directory Schema To Track Custom Info I'm able to setup a single-value schema attribute that is easily changeable via a context menu in ADUC. Multi-value schema attributes get considerably more complicated. Say (for the sake of argument) my value is "Projects" and each user may be a list as many projects as necessary. Following is a sad little script that will set Project to a single value: Dim oproject Dim oUser1 Dim temp1 Set oproject = Wscript.Arguments Set oUser1 = GetObject(oproject(0)) temp1 = InputBox("Project: " & oUser1.project & vbCRLF & vbCRLF & "Project") if temp1 <> "" then oUser1.Put "project",temp1 oUser1.SetInfo Set oUser1 = Nothing Set oproject = Nothing Set temp1 = Nothing WScript.Quit How can I modify this to allow, assign, and modify multiple values?

    Read the article

  • Active Directory public key use

    - by Chris Meadows
    I have a client who has a requirement to validate users logging into my web application against his active directory using LDAP. In trying to connect using the DirectoryEntry and DirectorySearcher .NET classes, I can connect to his AD Server but not access it. The client's AD server has an SSL Certificate for which he has given me a public key file but I don't know how to use this public key file in my C# code. When I issue the connect command through code, I see, via Wireshark, my application sending the connection request. I then see the server responding with "Server Hello, Certificate, Certificate Request, Server Hello Done". Then my application never responds after that. In using another application, written by somebody else for which I do not have code, I see the same request from the server and then see the application respond with "Certificate, Client Key Exchange" and then the application connects and runs. With that said, my question then becomes, how can I get my C# application to load and send the key file I got from the client?

    Read the article

  • Authenticating to multiple OUs in Active Directory

    - by Jaxidian
    I'm using the Active Directory Membership Provider with the following configuration: <connectionStrings> <add name="MyConnString" connectionString="LDAP://domaincontroller/OU=Product Users,DC=my,DC=domain,DC=com" /> </connectionStrings> <membership defaultProvider="MyProvider"> <providers> <clear /> <add name="MyProvider" connectionStringName="MyConnString" connectionUsername="my.domain.com\service_account" connectionPassword="biguglypassword" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership> This works perfectly except it requires ALL of my users to be in the "Product Users" OU when I would actually like to have all of my users organized into various child OUs under our "Product Users" OU. Is this possible? (Note that this is a partial repost of this question but the question I'm asking here was never answered there.)

    Read the article

  • Active Directory Programming help needed

    - by ricky2002
    Hello Friends, I want to make Windows Service in .NET which has to run on Windows Server 2003, 2008. The main functionalities i need are: As soon as a network user logs in, Display his: User name in Active Directory Domain Ip Address from where he connected I do not want to install or run any program/script on the client machine. Any help on how to go about developing this will be greatly appreciated. i saw some articles explaining this using the System.Environment namespace and some others but they only shed light for the local logged on user.

    Read the article

  • Replicating Active Directory - testing scenarios

    - by Naeem Sarfraz
    Replicating a production server's Active Directory is possible through a number of approaches as mentioned here and here. I'm looking for a simpler approach if one exists. I have a mixed-mode authentication site that I need to test. Quite simply AD users (internal) will have more privilege's than someone who logs in via forms (external). We have a web service that cache's an AD structure (users & groups). I'm thinking of building a module (http handler I guess?) that will pick up my specially formed URL (http://impersonateduser@localhost/mywebapp) and use the bit before the @ as the username. That will be the username I use for any subsequent operations. How does that sound? Has anyone got other proposals for testing scenarios like this?

    Read the article

  • Querying Active Directory in ruby app on Windows box

    - by Ben
    I have a small ruby app in which I'm trying to query some information from Active Directory. The app will be run by a Windows user who is already logged in. It looks like the ruby-net-ldap gem wants me to connect to an LDAP server using an IP address, port and then pass my username and password. Is there a way to achieve this (with a different gem, say) so that I don't have to pass this information (I don't have the current user's password for example, so that's not going to work)? I'm also hosting a Trac website on our intranet (which is written in Python if I remember correctly and that seems to know the current Windows username and domain. If it can do it, surely my little ruby app can access this information too?

    Read the article

  • FileSystemWatcher surpassing Active Directory restrictions

    - by DevexPP
    While experimenting with FileSystemWatcher, I've found out that it somehow surpasses Active Directory's restrictions to files and folders, and will raise change events with information about what has changed in files and folders that you don't even have access to. I have two questions about that: 1) Why does this happen ? 2) Is this a problem in the AD configuration ? how do I fix it ? 3) Is there any way to gather these files, or even create a FileSystemInfo of them to get more info about the files (not only the changes made on them) ? As far as I've tried, only the FileSystemWatcher immune to the restrictions, I can't run any other thing over it, here's a list of what I've tried: File.Exists Directory.Exists FileInfo instance on found files DirectoryInfo instance on found files File.Copy File.Delete

    Read the article

  • How to setup a development Active Directory

    - by Rob
    Does anyone have any suggestions on how to setup a development environment for active directory? We are thinking of using development.contoso.com or something along those lines that is a completely separate envnironment from our production. This will be used for things like Dev SharePoint and possibly a Dev exchange server. Maybe even a dev CRM. We are thinking of setting this up all using virtual machines. Possibly having the production get replicated down on a regular basis as well. Does anyone have an experience with this or any suggestions on what to do or not to do for this?

    Read the article

  • Connecting flex/php to Active Directory

    - by modz0r
    Is there a way to connect my flex web application to Active Directory, and get the logged username? Right now we have a PHP script connected to the flex application, that gets user/pass input from the user and checks if there's such user in the AD, and that the password is correct. I don't want to ask for user/pass, but to make the application get the domain username that connected to it, so I could use it (check if the user has access to my application and such). Is there a way to do so?

    Read the article

  • How to configure IIS7 to Redirect member of An active Directory group to static page

    - by user1759075
    On IIS, we have disabled Anonymous authentication and enabled Windows Authentication What we need is to only allow users who are members of an Active Directory security group to access the Access Point at all. All other users should be directed to a static web page that will give them instructions on how to request access. By adding the security group to the website permissions, and removing the \Users group, we have almost achieved this. Users in the group are allowed through, those not in the group are asked for a (Windows) username and password. Instead of requesting the username and password, we want IIS to redirect them to the static page. Please advise me on how can this be done.

    Read the article

  • Active directory authentication for Ubuntu Linux login and cifs mounting home directories...

    - by Jamie
    I've configured my Ubuntu 10.04 Server LTS Beta 2 residing on a windows network to authenticate logins using active directory, then mount a windows share to serve as there home directory. Here is what I did starting from the initial installation of Ubuntu. Download and install Ubuntu Server 10.04 LTS Beta 2 Get updates # sudo apt-get update && sudo apt-get upgrade Install an SSH server (sshd) # sudo apt-get install openssh-server Some would argue that you should "lock sshd down" by disabling root logins. I figure if your smart enough to hack an ssh session for a root password, you're probably not going to be thwarted by the addition of PermitRootLogin no in the /etc/ssh/sshd_config file. If your paranoid or not simply not convinced then edit the file or give the following a spin: # (grep PermitRootLogin /etc/ssh/sshd_conifg && sudo sed -ri 's/PermitRootLogin ).+/\1no/' /etc/ssh/sshd_conifg) || echo "PermitRootLogin not found. Add it manually." Install required packages # sudo apt-get install winbind samba smbfs smbclient ntp krb5-user Do some basic networking housecleaning in preparation for the specific package configurations to come. Determine your windows domain name, DNS server name, and IP address for the active directory server (for samba). For conveniance I set environment variables for the windows domain and DNS server. For me it was (my AD IP address was 192.168.20.11): # WINDOMAIN=mydomain.local && WINDNS=srv1.$WINDOMAIN If you want to figure out what your domain and DNS server is (I was contractor and didn't know the network) check out this helpful reference. The authentication and file sharing processes for the Windows and Linux boxes need to have their clocks agree. Do this with an NTP service, and on the server version of Ubuntu the NTP service comes installed and preconfigured. The network I was joining had the DNS server serving up the NTP service too. # sudo sed -ri "s/^(server[ \t]).+/\1$WINDNS/" /etc/ntp.conf Restart the NTP daemon # sudo /etc/init.d/ntp restart We need to christen the Linux box on the new network, this is done by editing the host file (replace the DNS of with the FQDN of the windows DNS): # sudo sed -ri "s/^(127\.0\.0\.1[ \t]).*/\1$(hostname).$WINDOMAIN localhost $(hostname)/" /etc/hosts Kerberos configuration. The instructions that follow here aren't to be taken literally: the values for MYDOMAIN.LOCAL and srv1.mydomain.local need to be replaced with what's appropriate for your network when you edit the files. Edit the (previously installed above) /etc/krb5.conf file. Find the [libdefaults] section and change (or add) the key value pair (and it is in UPPERCASE WHERE IT NEEDS TO BE): [libdefaults] default_realm = MYDOMAIN.LOCAL Add the following to the [realms] section of the file: MYDOMAIN.LOCAL = { kdc = srv1.mydomain.local admin_server = srv1.mydomain.local default_domain = MYDOMAIN.LOCAL } Add the following to the [domain_realm] section of the file: .mydomain.local = MYDOMAIN.LOCAL mydomain.local = MYDOMAIN.LOCAL Conmfigure samba. When it's all said done, I don't know where SAMBA fits in ... I used cifs to mount the windows shares ... regardless, my system works and this is how I did it. Replace /etc/samba/smb.conf (remember I was working from a clean distro of Ubuntu, so I wasn't worried about breaking anything): [global] security = ads realm = MYDOMAIN.LOCAL password server = 192.168.20.11 workgroup = MYDOMAIN idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes client ntlmv2 auth = yes encrypt passwords = yes winbind use default domain = yes restrict anonymous = 2 Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start Setup the authentication. Edit the /etc/nsswitch.conf. Here are the contents of mine: passwd: compat winbind group: compat winbind shadow: compat winbind hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start At this point I could login, home directories didn't exist, but I could login. Later I'll come back and add how I got the cifs automounting to work. Numerous resources were considered so I could figure this out. Here is a short list (a number of these links point to mine own questions on the topic): Samba Kerberos Active Directory WinBind Mounting Linux user home directories on CIFS server Authenticating OpenBSD against Active Directory How to use Active Directory to authenticate linux users Mounting windows shares with Active Directory permissions Using Active Directory authentication with Samba on Ubuntu 9.10 server 64bit How practical is to authenticate a Linux server against AD? Auto-mounting a windows share on Linux AD login

    Read the article

  • How to Authenticate to Active Directory Services (ADs) using .NET 3.5 / C#

    - by Ranger Pretzel
    After much struggling, I've figured out how to authenticate to my company's Active Directory using just 2 lines of code with the Domain, Username, and Password in .NET 2.0 (in C#): // set domain, username, password, and security parameters DirectoryEntry entry = new DirectoryEntry("LDAP://" + domain, username, password, AuthenticationTypes.Secure | AuthenticationTypes.SecureSocketsLayer); // force Bind to AD server to authenticate object obj = entry.NativeObject; If the 2nd line throws an exception, then the credentials and/or parameters were bad. (Specific reason can be found in the exception.) If no exception, then the credentials are good. Trying to do this in .NET 3.5 looks like it should be easy, but has me at a roadblock instead. Specifically, I've been working with this example: PrincipalContext domainContext = new PrincipalContext(ContextType.Domain, domain); using (domainContext) { return domainContext.ValidateCredentials(UserName, Password); } Unfortunately, this doesn't work for me as I don't have both ContextOptions set to Sealed/Secure and SSL (like I did above in the .NET 2.0 code.) There is an alternate constructor for PrincipalContext that allows setting the ContextOptions, but this also requires supplying a Distinguished Name (DN) of a Container Object and I don't know exactly what mine is or how I would find out. public PrincipalContext(ContextType contextType, string name, string container, ContextOptions options); // container: // The container on the store to use as the root of the context. All queries // are performed under this root, and all inserts are performed into this container. // For System.DirectoryServices.AccountManagement.ContextType.Domain and System.DirectoryServices.AccountManagement.ContextType.ApplicationDirectory // context types, this parameter is the distinguished name of a container object. Any suggestions?

    Read the article

  • Saving record in Subsonic 3 using Active Record

    - by singfoom
    I'm having trouble saving a record in Subsonic 3 using Active record. I've generated my objects using the DALs and tts and everything seems fine because the following test passes. I think that my connection string is correct or the generation wouldn't have succeeded. [Test] public void TestSavingAnEmail() { Email testEmail = new Email(); testEmail.EmailAddress = "[email protected]"; testEmail.Subscribed = true; testEmail.Save(); Assert.AreEqual(1, Email.All().Count()); } On the live side, the following code fails: protected void btEmailSubmit_Click(object sender, EventArgs e) { Email email = new Email(); email.EmailAddress = txtEmail.Text; email.Subscribed = chkSubscribe.Checked; email.Save(); } with a message of: Need to specify Values or a Select query to insert - can't go on! at the following line repo.Add(this,provider); line in my ActiveRecord.cs: public void Add(IDataProvider provider){ var key=KeyValue(); if(key==null){ var newKey=_repo.Add(this,provider); this.SetKeyValue(newKey); }else{ _repo.Add(this,provider); } SetIsNew(false); OnSaved(); } Am I doing something horribly wrong here? The save and add methods have parameterless overloads that I thought were safe to use. Do I need to pass a provider? I've googled around for this for a while and was unable to come up with anything specific to my situation. Thanks in advance for any kind of answer.

    Read the article

  • Error: Only LDAP Connection Strings are Supported against Active Directory

    - by Brent Pabst
    I have the following ASP.NET Membership section defined in the Web.config file: <membership defaultProvider="AspNetActiveDirectoryMembershipProvider"> <providers> <clear/> <add connectionStringName="ADService" connectionUsername="umanage" connectionPassword="letmein" enablePasswordReset="true" enableSearchMethods="true" applicationName="uManage" clientSearchTimeout="30" serverSearchTimeout="30" name="AspNetActiveDirectoryMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership> The Connection string looks like this: <add name="ADService" connectionString="ldap://familynet.local" /> Whenever I call the following code: Membership.GetAllUsers(); I get the following error: Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: Only LDAP connection strings are supported against Active Directory and ADAM. I don't understand why the system is claiming the LDAP connection string is bad because it is in fact a valid LDAP string as specified by the MSDN documentation. http://msdn.microsoft.com/en-us/library/system.web.security.activedirectorymembershipprovider.aspx Any ideas?

    Read the article

  • Fast way to get a list of group members in Active Directory with C#

    - by Jeremy
    In a web app, we're looking to display a list of sam accounts for users that are a member of a certain group. Groups could have 500 or more members in many cases and we need the page to be responsive. With a group of about 500 members it takes 7-8 seconds to get a list of sam accounts for all members of the group. Are there faster ways? I know the Active Directory Management Console does it in under a second. I've tried a few methods: 1) PrincipalContext pcRoot = new PrincipalContext(ContextType.Domain) GroupPrincipal grp = GroupPrincipal.FindByIdentity(pcRoot, "MyGroup"); List<string> lst = grp.Members.Select(g => g.SamAccountName).ToList(); 2) PrincipalContext pcRoot = new PrincipalContext(ContextType.Domain) GroupPrincipal grp = GroupPrincipal.FindByIdentity(pcRoot, "MyGroup"); PrincipalSearchResult<Principal> lstMembers = grp.GetMembers(true); List<string> lst = new List<string>(); foreach (Principal member in lstMembers ) { if (member.StructuralObjectClass.Equals("user")) { lst.Add(member .SamAccountName); } } 3) PrincipalContext pcRoot = new PrincipalContext(ContextType.Domain) GroupPrincipal grp = GroupPrincipal.FindByIdentity(pcRoot, "MyGroup"); System.DirectoryServices.DirectoryEntry de = (System.DirectoryServices.DirectoryEntry)grp.GetUnderlyingObject(); List<string> lst = new List<string>(); foreach (string sDN in de.Properties["member"]) { System.DirectoryServices.DirectoryEntry deMember = new System.DirectoryServices.DirectoryEntry("LDAP://" + sDN); lst.Add(deMember.Properties["samAccountName"].Value.ToString()); }

    Read the article

< Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >