Set ActiveDirectory if machine is a member of a group

Question

Set ActiveDirectory if machine is a member of a group

It should be very simple, but for some reason it doesn't look like it. I want to ask AD if the current machine is a member of a specific group. Direct membership is ok.

The group only contains 8 PCs and is highly unlikely to grow to 30.

C # code examples appreciated!

+2

c # .net active-directory ldap

Noel kennedy 23 oct. '09 at 13:58

source to share

1 answer

Donut · Accepted Answer · 2009-10-23T14:07:03+0000

Here's an example method using the namespace System.DirectoryServices

:

public bool BelongsToGroup(string computerName, string groupName, string domain)
{
   PrincipalContext domainContext = new PrincipalContext(ContextType.Domain, domain);

   ComputerPrincipal computer = ComputerPrincipal.FindByIdentity(domainContext, computerName);

   foreach (Principal result in computer.GetGroups())
   {
      if (result.Name == groupName)
      {
         return true;
      }
   }

  return false;
}

So, you can call it like this:

string computerName = Environment.MachineName;
string groupName = "Group Name";
string domainName = "Domain Name";
bool test = BelongsToGroup(computerName, groupName, domainName);

Set ActiveDirectory if machine is a member of a group

More articles: