I need to know if a user belongs to an OU, say under Accounts>Support, or not in Active Directory. I don't know much about Active Directory. Any ideas?

Thanks in advance.

Re: Visual Basic Express Edition active directory group

Martin Xie - MSFT

Hi Robinhere,

This code sample demonstrates how to determine whether the current logon user is in the Administrators group.

Code Block

Imports System.Security.Principal

Public Class Form1

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
        ' Build a principal from the access token of the current logon user
        Dim logonToken As IntPtr = WindowsIdentity.GetCurrent().Token
        Dim MyIdentity As WindowsIdentity = New WindowsIdentity(logonToken)
        Dim wp As WindowsPrincipal = New WindowsPrincipal(MyIdentity)
        'Dim wp As WindowsPrincipal = New WindowsPrincipal(WindowsIdentity.GetCurrent())

        ' Check membership of the built-in Administrators group
        If wp.IsInRole(WindowsBuiltInRole.Administrator) = True Then
            MessageBox.Show("The current user is of Administrators.")
        Else
            MessageBox.Show("The current user is not of Administrators.")
        End If
    End Sub

End Class


Roles-Based Authentication

By the way, to manage the Active Directory service, you need to add a reference to System.DirectoryServices.dll and System.DirectoryServices.Protocols.dll.

The following code demonstrates how to add a new account/user "testUser" to the Guests group.

Code Block

Imports System.DirectoryServices

Public Class Form1

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        Try
            ' Bind to the local machine's account database (WinNT provider)
            Dim AD As New DirectoryEntry("WinNT://" + Environment.MachineName + ",computer")
            Dim NewUser As DirectoryEntry = AD.Children.Add("testUser", "user")
            NewUser.Invoke("SetPassword", New Object() {"Shanghai!microsoft"})

            'User cannot change password
            Dim ADS_UF_PASSWD_CANT_CHANGE As Integer = &H40
            'Password Never Expires
            Dim ADS_UF_DONT_EXPIRE_PASSWD As Integer = &H10000
            NewUser.Invoke("Put", New Object() {"userFlags", ADS_UF_DONT_EXPIRE_PASSWD Or ADS_UF_PASSWD_CANT_CHANGE})
            NewUser.Invoke("Put", New Object() {"Description", "Test User from .NET"})
            ' Save the new account before adding it to a group
            NewUser.CommitChanges()

            Dim grp As DirectoryEntry
            grp = AD.Children.Find("Guests", "group")
            If grp IsNot Nothing Then
                grp.Invoke("Add", New Object() {NewUser.Path.ToString()})
            End If
            MessageBox.Show("Account Created Successfully")
        Catch ex As Exception
            ' Report the failure instead of swallowing it
            MessageBox.Show(ex.Message)
        End Try
    End Sub

End Class

This forum is more appropriate for Active Directory issues.

ASP.NET Forums > Data Access > Active Directory and LDAP
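The original question is about OU placement, which is carried by the user's distinguished name (DN) rather than by group membership. The VB.NET code below is an added example, not code from the thread: it splits a DN on unescaped commas and compares its trailing components with the OU's DN. The `example.com` domain, the sample DNs and the helper names `SplitDn`, `IsUnderOu` and `UserIsUnderOu` are assumptions, and it assumes DNs in the backslash-escaped form that Active Directory returns.

```vb
Imports System
Imports System.Collections.Generic
Imports System.Text
Imports System.DirectoryServices.AccountManagement ' add a reference to this assembly

Module OuCheck
    ' Split a DN into RDNs on unescaped commas only, so that
    ' "CN=Smith\, John,OU=Support" yields two components, not three.
    Function SplitDn(ByVal dn As String) As List(Of String)
        Dim parts As New List(Of String)
        Dim current As New StringBuilder()
        Dim escaped As Boolean = False
        For Each c As Char In dn
            If escaped OrElse c <> ","c Then
                current.Append(c)
                escaped = (Not escaped) AndAlso c = "\"c
            Else
                parts.Add(current.ToString().Trim())
                current = New StringBuilder()
            End If
        Next
        parts.Add(current.ToString().Trim())
        Return parts
    End Function

    ' True when userDn lies below ouDn at any depth (case-insensitive RDN match).
    Function IsUnderOu(ByVal userDn As String, ByVal ouDn As String) As Boolean
        Dim user As List(Of String) = SplitDn(userDn)
        Dim ou As List(Of String) = SplitDn(ouDn)
        Dim offset As Integer = user.Count - ou.Count
        If offset <= 0 Then Return False
        For i As Integer = 0 To ou.Count - 1
            If Not String.Equals(user(offset + i), ou(i), StringComparison.OrdinalIgnoreCase) Then Return False
        Next
        Return True
    End Function

    ' Hypothetical helper: look the account up in the current domain and test its DN.
    Function UserIsUnderOu(ByVal samAccountName As String, ByVal ouDn As String) As Boolean
        Using ctx As New PrincipalContext(ContextType.Domain)
            Dim u As UserPrincipal = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, samAccountName)
            Return u IsNot Nothing AndAlso IsUnderOu(u.DistinguishedName, ouDn)
        End Using
    End Function

    Sub Main()
        Dim ouDn As String = "OU=Support,OU=Accounts,DC=example,DC=com" ' placeholder domain
        ' Constructed DNs: an escaped comma in the CN, and a CN that only looks like the OU path
        Console.WriteLine(IsUnderOu("CN=Smith\, John,OU=Support,OU=Accounts,DC=example,DC=com", ouDn))
        Console.WriteLine(IsUnderOu("CN=x\,OU=Support,OU=Accounts,DC=example,DC=com", ouDn))
    End Sub
End Module
```

A plain string suffix test would accept the second constructed DN, because the OU path appears inside the escaped CN value even though the account sits directly under OU=Accounts.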