c# active-directory active-directory-group

System.DirectoryServices.Protocols add/remove user from group


I want to add/remove a user from a group in the System.DirectoryServices.Protocols namespace.

I have the samples mentioned here:

link to my other question

But I can't find an example of how to add and remove a user from a group using S.DS.P.

Does anyone know of any samples for this operation?

Thanks,

Cal-


Solution

  • Just for those who follow, here is how I actually solved the problem using System.DirectoryServices.AccountManagement

    // Requires references to System.DirectoryServices and
    // System.DirectoryServices.AccountManagement.
    // GetSettings and ToSidString are the poster's own helpers (not shown here).
    string adServer = "";
    string adServerUser = "";
    string adServerPassword = "";
    string adServerContainer = "";

    GetSettings(ref adServer, ref adServerUser, ref adServerPassword, ref adServerContainer);

    if (!string.IsNullOrEmpty(adServer) && !string.IsNullOrEmpty(adServerUser)
        && !string.IsNullOrEmpty(adServerPassword) && !string.IsNullOrEmpty(adServerContainer))
    {
        try
        {
            using (PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, adServer, adServerContainer, adServerUser, adServerPassword))
            {
                using (GroupPrincipal group = GroupPrincipal.FindByIdentity(principalContext, IdentityType.SamAccountName, this.textBox_GroupAdd.Text))
                {
                    if (group == null)
                    {
                        FlexibleMessageBox.Show("group could not be found");
                        return;
                    }
                    using (UserPrincipal user = UserPrincipal.FindByIdentity(principalContext, IdentityType.SamAccountName, this.textBox_adName.Text))
                    {
                        // FindByIdentity returns null when no account matches.
                        if (user == null)
                        {
                            FlexibleMessageBox.Show("user could not be found");
                            return;
                        }
                        // Reference the user by SID (<SID=...> binding form) instead of by DN.
                        string userSid = string.Format("<SID={0}>", ToSidString(user));
                        DirectoryEntry groupDirectoryEntry = (DirectoryEntry) group.GetUnderlyingObject();
                        groupDirectoryEntry.Properties["member"].Add(userSid);
                        groupDirectoryEntry.CommitChanges();
                    }
                }
            }
            // Report success only when no exception was thrown.
            FlexibleMessageBox.Show("group add done");
        }
        catch (Exception ex)
        {
            FlexibleMessageBox.Show(ex.ToString());
        }
    }
    

    and here is the guts of the remove from group

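    // Runs inside the same PrincipalContext / GroupPrincipal using blocks as the add above.
    using (UserPrincipal user = UserPrincipal.FindByIdentity(principalContext, IdentityType.SamAccountName, this.textBox_adName.Text))
    {
        // FindByIdentity returns null when no account matches.
        if (user == null)
        {
            FlexibleMessageBox.Show("user could not be found");
            return;
        }
        string userSid = string.Format("<SID={0}>", ToSidString(user));
        DirectoryEntry groupDirectoryEntry = (DirectoryEntry) group.GetUnderlyingObject();
        groupDirectoryEntry.Properties["member"].Remove(userSid);
        groupDirectoryEntry.CommitChanges();
    }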
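
The answer above goes through System.DirectoryServices.AccountManagement. For the operation the question asked about, the following is an added example (not part of the original answer) that changes group membership with System.DirectoryServices.Protocols by sending an LDAP modify on the group's `member` attribute. The server name, distinguished names, service account and the `AD_BIND_PASSWORD` environment variable are placeholder assumptions.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;

static class GroupMembership
{
    // Builds an LDAP modify that adds or deletes ONE value of the group's
    // "member" attribute, leaving all other members untouched.
    public static ModifyRequest Build(string groupDn, string memberDn, bool add)
    {
        var mod = new DirectoryAttributeModification
        {
            Name = "member",
            Operation = add ? DirectoryAttributeOperation.Add
                            : DirectoryAttributeOperation.Delete
        };
        // Active Directory also accepts the "<SID=...>" form used in the answer above.
        mod.Add(memberDn);
        return new ModifyRequest(groupDn, mod);
    }

    // Sends the request and returns the server's result code instead of throwing,
    // so the caller can tell "already a member" apart from "access denied".
    public static ResultCode Apply(LdapConnection conn, ModifyRequest request)
    {
        try { return conn.SendRequest(request).ResultCode; }
        catch (DirectoryOperationException ex)
        {
            return ex.Response?.ResultCode ?? ResultCode.Other;
        }
    }

    static void Main()
    {
        // Placeholder values (assumptions, not taken from the page).
        const string groupDn = "CN=Helpdesk,OU=Groups,DC=example,DC=test";
        const string userDn  = "CN=Jane Doe,OU=Staff,DC=example,DC=test";
        var credential = new NetworkCredential("svc-groupadmin",
            Environment.GetEnvironmentVariable("AD_BIND_PASSWORD"), "EXAMPLE");

        var server = new LdapDirectoryIdentifier("dc01.example.test", 636);
        using (var conn = new LdapConnection(server, credential, AuthType.Negotiate))
        {
            conn.SessionOptions.ProtocolVersion = 3;
            conn.SessionOptions.SecureSocketLayer = true; // LDAPS: bind and modify are encrypted
            Console.WriteLine("add:    " + Apply(conn, Build(groupDn, userDn, add: true)));
            Console.WriteLine("remove: " + Apply(conn, Build(groupDn, userDn, add: false)));
        }
    }
}
```

The bind account only needs write access to the target group's `member` attribute, so a delegated service account is enough for this operation.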