I'm messing up with getting a full and usable list of all recursive groups to populate up a dropdownlist control to select a group to administer right within a ASP.net page.
The used Code:
List<string> groups = new List<string>();
using (DirectorySearcher searcher = new DirectorySearcher(dEntry))
{
searcher.Filter = "(objectCategory=group)";
foreach (SearchResult result in searcher.FindAll())
{
string group = result.Path.Substring(result.Path.IndexOf("/CN=")+4);
string formatedResult = group.Substring(0, group.IndexOf(",CN="));
groups.Results.Add(formatedResult);
}
}
The result list is long, containing a bunch of system-groups, which are not needed. Only specific system-groups should be included in the groups list, like "Administrators" and all "non-system-defined" or "system-related" groups. (Like: Departments, Applicationgroups, etc. defined in the AD-Structure).
Any hint how to do that with DirectoryEntry?
If the 0x1 flag is present in groupType attribute, the group is created by the system. Can modify the filter to search for:
system groups:
(&(objectCategory=group)(groupType:1.2.840.113556.1.4.803:=1))
non-system groups:
(&(objectCategory=group)(!(groupType:1.2.840.113556.1.4.803:=1)))