0

I am using this asmx.VB code to authenticate a user in AD. I need to also bring back what groups they are members of. Any help would be appreciated. 

 <WebMethod(Description:="Checks User against Active Directory.", EnableSession:=False)> _
    Public Function CHECK_AD(ByVal userid As String, ByVal Password As String) As Integer
        Dim iErrorNumber As Integer
        Dim isPass As Boolean = False
        Try
            Dim pc As New PrincipalContext(ContextType.Domain, "SomeDomain")
            isPass = pc.ValidateCredentials(userid, Password, ContextOptions.Negotiate)
            If isPass = True Then
                iErrorNumber = 1
            Else
                iErrorNumber = 0
            End If
        Catch ex As Exception
            iErrorNumber = -1
        End Try
        Return iErrorNumber
    End Function
Tinman
  • 31
  • 7
  • So right now you are returning 0,1 or -1...now you need to return something else, like a dictionary or a list.. which approach are you gonna use? – Hackerman Jul 01 '16 at 16:10
  • Really no idea, I'm new to AD. I was thinking after the login was verified it would call another function to determine what groups the user was a member of, if they were a member of the specified group, tbd later, it would let them advance. I think I just need to return the group list to the front end. I can handle it from there. – Tinman Jul 01 '16 at 16:31
  • Possible duplicate of [How to get the groups of a user in Active Directory? (c#, asp.net)](http://stackoverflow.com/questions/5309988/how-to-get-the-groups-of-a-user-in-active-directory-c-asp-net) – Hackerman Jul 01 '16 at 16:53

1 Answers1

0

I Have this code to get properties of user in active directory, maybe can help you, just add a button and if you want uncomment the first three comment lines and comment the first three lines of code after declarations. (sorry the code is in spanish).

Private Sub Button1_Click(sender As System.Object, e As System.EventArgs) Handles Button1.Click

Dim objetoUsuario, gruposSeguridad
Dim ultimoInicioSesion As String
Dim dominio As String
Dim nombreUsuario As String
Dim estadoCuenta As String
Dim gruposSeguridadUsuario As String = ""

'dominio = InputBox("Nombre del dominio Windows Server", "")
dominio = Environment.UserDomainName
'nombreUsuario = InputBox("Nombre de usuario del dominio", "")
nombreUsuario = Environment.UserName
'   On Error GoTo cError

On Error Resume Next

objetoUsuario = GetObject("WinNT://" + dominio + "/" + nombreUsuario + ",user")
If Err.Number = 0 Then
    If objetoUsuario.AccountDisabled = True Then
        estadoCuenta = "Deshabilitado"
        ultimoInicioSesion = "No existe"
    Else
        estadoCuenta = "Habilitado"
        ultimoInicioSesion = objetoUsuario.Get("Lastlogin")
    End If

    gruposSeguridad = ""
    For Each gruposSeguridad In objetoUsuario.Groups
        If gruposSeguridadUsuario = "" Then
            gruposSeguridadUsuario = gruposSeguridad.Name
        Else
            gruposSeguridadUsuario = gruposSeguridadUsuario + ", " + gruposSeguridad.Name
        End If
    Next


    'Mostramos los datos del usuario
    MsgBox("Nombre completo: " & objetoUsuario.Get("Fullname") & vbCrLf & _
        "Descripción: " & objetoUsuario.Get("Description") & vbCrLf & _
        "Nombre: " & objetoUsuario.Get("Name") & vbCrLf & _
        "Carpeta de inicio: " & objetoUsuario.Get("HomeDirectory") & vbCrLf & _
        "Script de inicio: " & objetoUsuario.Get("LoginScript") & vbCrLf & _
        "Último inicio de sesión: " & ultimoInicioSesion & vbCrLf & _
        "Perfil: " & objetoUsuario.Get("Profile") & vbCrLf & _
        "Estado de la cuenta: " & estadoCuenta & vbCrLf & _
        "Grupos seguridad: " & gruposSeguridadUsuario, vbInformation + vbOKOnly)
    objetoUsuario = Nothing
Else
    MsgBox("No existe el usuario " + nombreUsuario + " o el dominio " + dominio, vbExclamation + vbOKOnly)
End If

'cSalir:
'    Exit Sub
'
'cError:
'    MsgBox "Error " + CStr(Err.Number) + " " + Err.Description
'    GoTo cSalir

End Sub

Rchrd
  • 35
  • 1
  • 8
  • You can also check this [page](http://stackoverflow.com/questions/5162897/how-can-i-get-a-list-of-users-from-active-directory?rq=1) – Rchrd Jul 01 '16 at 21:59