Robinhere

I need to know if a user belongs to an OU, say under Accounts>Support, or not in Active Directory. I don't know much about Active Directory. Any ideas?

Thanks in advance.



Re: Visual Basic Express Edition active directory group

Martin Xie - MSFT

Hi Robinhere,

This code sample demonstrates how to determine whether the current logon user is a member of the Administrators group.

Code Block

Imports System.Security.Principal

Public Class Form1

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
        ' Build a WindowsPrincipal from the access token of the current logon user.
        Dim logonToken As IntPtr = WindowsIdentity.GetCurrent().Token
        Dim MyIdentity As WindowsIdentity = New WindowsIdentity(logonToken)
        Dim wp As WindowsPrincipal = New WindowsPrincipal(MyIdentity)

        ' Equivalent one-line form:
        'Dim wp As WindowsPrincipal = New WindowsPrincipal(WindowsIdentity.GetCurrent())

        ' IsInRole tests the token's group membership. With UAC enabled,
        ' this is True only when the process is running elevated.
        If wp.IsInRole(WindowsBuiltInRole.Administrator) = True Then
            MessageBox.Show("The current user is of Administrators.")
        Else
            MessageBox.Show("The current user is not of Administrators.")
        End If
    End Sub

End Class

References:

Roles-Based Authentication

By the way, to manage the Active Directory service, you need to add references to System.DirectoryServices.dll and System.DirectoryServices.Protocols.dll.

The following code demonstrates how to add a new Account/User "testUser" to Guests group.

Code Block

Imports System.DirectoryServices

Public Class Form1

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        Try
            ' The WinNT provider binds to the local machine's account database.
            Dim AD As New DirectoryEntry("WinNT://" + Environment.MachineName + ",computer")
            Dim NewUser As DirectoryEntry = AD.Children.Add("testUser", "user")

            ' Sample password from the post; do not hard-code a real one.
            NewUser.Invoke("SetPassword", New Object() {"Shanghai!microsoft"})

            'User cannot change password
            Dim ADS_UF_PASSWD_CANT_CHANGE As Integer = &H40

            'Password Never Expires
            Dim ADS_UF_DONT_EXPIRE_PASSWD As Integer = &H10000

            NewUser.Invoke("Put", New Object() {"userFlags", ADS_UF_DONT_EXPIRE_PASSWD Or ADS_UF_PASSWD_CANT_CHANGE})
            NewUser.Invoke("Put", New Object() {"Description", "Test User from .NET"})
            NewUser.CommitChanges()

            ' Add the new account to the local Guests group.
            Dim grp As DirectoryEntry
            grp = AD.Children.Find("Guests", "group")
            If grp IsNot Nothing Then
                grp.Invoke("Add", New Object() {NewUser.Path.ToString()})
            End If

            MessageBox.Show("Account Created Successfully")
        Catch ex As Exception
            MessageBox.Show(ex.Message)
        End Try
    End Sub

End Class

This forum is more appropriate for Active Directory issues.

ASP.NET Forums Data Access Active Directory and LDAP

Regards,

Martin
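
For the OU question at the top of the thread, an added example (not part of either post above): OU placement is read from the user's distinguishedName rather than from group membership, so this looks the DN up and tests it against an OU suffix. The module and function names, and the DC=example,DC=com domain, are assumptions; it expects a domain-joined machine and an OU DN written the way the directory returns it (no spaces after commas).

```vbnet
Imports System
Imports System.DirectoryServices   ' needs a reference to System.DirectoryServices.dll
Imports System.Text

Module OuCheck
    ' Placeholder DN for "Accounts > Support"; DC=example,DC=com is an assumed domain.
    Const SupportOu As String = "OU=Support,OU=Accounts,DC=example,DC=com"

    ' Escape a value for an LDAP filter (RFC 4515) so a logon name cannot alter the query.
    Function EscapeLdapFilter(ByVal value As String) As String
        Dim sb As New StringBuilder()
        For Each c As Char In value
            If "\*()".IndexOf(c) >= 0 OrElse c = ChrW(0) Then sb.Append("\"c).Append(AscW(c).ToString("x2")) Else sb.Append(c)
        Next
        Return sb.ToString()
    End Function

    ' True when the object is in the OU or in any OU nested below it.
    ' A plain Contains/EndsWith test can be fooled by an object whose name holds an
    ' escaped comma (CN=x\,OU=Support,...), so the comma before the suffix is checked.
    Function IsUnderOu(ByVal userDn As String, ByVal ouDn As String) As Boolean
        Dim cut As Integer = userDn.Length - ouDn.Length - 1   ' index of the comma before the OU suffix
        If cut < 1 OrElse Not userDn.EndsWith("," & ouDn, StringComparison.OrdinalIgnoreCase) Then Return False
        Dim slashes As Integer = 0
        While cut - 1 - slashes >= 0 AndAlso userDn(cut - 1 - slashes) = "\"c
            slashes += 1
        End While
        Return slashes Mod 2 = 0   ' an odd count means the comma is escaped, i.e. part of a name
    End Function

    ' Look up a user's DN by logon name in the current domain; Nothing when not found.
    Function GetUserDn(ByVal samAccountName As String) As String
        Using searcher As New DirectorySearcher()
            searcher.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" & EscapeLdapFilter(samAccountName) & "))"
            searcher.PropertiesToLoad.Add("distinguishedName")
            Dim result As SearchResult = searcher.FindOne()
            If result Is Nothing Then Return Nothing
            Return CStr(result.Properties("distinguishedName")(0))
        End Using
    End Function

    Sub Main()
        Dim dn As String = GetUserDn(Environment.UserName)
        Console.WriteLine(dn IsNot Nothing AndAlso IsUnderOu(dn, SupportOu))
    End Sub
End Module
```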