How do you recruit all users for a role, including roles in roles?

I have a Sitecore site that uses an AD module to connect to Active Directory. Let's say we have a role defined in Sitecore called Content Contributors. Content authors can contain separate user accounts - "jsmith" - or they can contain an entire AD group - "Northeast Managers". I need to get a list of all users who are in the Content Authors role, directly or indirectly (via an AD group). Right now, my code only seems to return users who are directly members of the Content Authors role. Here is my code:

string[] _roleUserNames = System.Web.Security.Roles.GetUsersInRole("Content Authors");


I assumed that this code would return an "effective" list of everyone in this role. It seems it only brings back people who are right in this role. Does anyone know if there is some other way to get everyone in the role?


source to share

2 answers

I realized this is a particular issue for Sitecore as Sitecore permits roles in roles and this functionality is built on top of the MS ASP.NET membership stuff. To enlist all users for the role, including "indirect" users, you must use the following code:

IEnumerable<User> _roleUsers = Sitecore.Security.Accounts.RolesInRolesManager.GetUsersInRole(Role.FromName("Content Authors"), true);


This will give you all users including indirect users.



I know this is old, but I ran into this problem and the above solution did not work for us. No indirect users were found in Active Directory, only indirect users in Sitecore roles.

Further investigation of the AD module role provider appears to indicate that there is code for indirect roles, but the call it needs is not working. dotPeek showed me that there is an explicit "false" setting for a parameter that triggers an indirect role lookup for users and does not read that parameter.

We needed to decompile the AD 1.1 code and then fix that part to make it work.



All Articles