Determining Users in an AD Group

From a command line (on the AD server) you can use this to get the members of a group:

  1: dsquery group -name "Group Account Name" | dsget group -members

Additionally a command line exe to get the groups for the logged in member too, something like this:

  1: My.User.InitializeWithWindowsUser()
  3: Dim identity As System.Security.Principal.WindowsIdentity = TryCast(My.User.CurrentPrincipal.Identity, System.Security.Principal.WindowsIdentity)
  5: Debug.WriteLine(identity.Name)
  7: For Each group As System.Security.Principal.SecurityIdentifier In identity.Groups() 
  8:    Debug.WriteLine(group.Translate(GetType(System.Security.Principal.NTAccount)), "group") 
  9: Next

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

A Website.

Up ↑

%d bloggers like this: