I made a small program to add a user to a group for a while. I want to display the users of the group in the DataGridView. I want to know when the user leaves the group. I can find this out from powershell.
Get-ADGroup -Identity "UG_TS_CISCO" -Properties members -ShowMemberTimeToLive
****************
Members : {<TTL=204236>,CN=Ilya Evseev,***, <TTL=31412>,CN=Vasyan Pupkin,***}
DirectoryEntry dc = new DirectoryEntry();
DirectorySearcher searcher= new DirectorySearcher(dc);
searcher.Filter = ("(&(objectCategory=group)(cn=UG_TS_CISCO))");
foreach (SearchResult src in searcher.FindAll()) {
DirectoryEntry groupEntry = src.GetDirectoryEntry();
object members = groupEntry.Invoke("members", null);
foreach (object groupMember in (IEnumerable)members)
{
DirectoryEntry member = new DirectoryEntry(groupMember);
dataGridView.Rows.Add(member.Properties["name"][0], member.Properties["sAMAccountName"][0]);
}
}
But how to get this data from the application using DirectoryServices I can't understand.
According to this, you need to perform the search with the LDAP_SERVER_LINK_TTL
LDAP extended control. I don't think DirectorySearcher
allows you to add any extended controls manually.
You may have to resort to using LdapConnection
and SearchRequest
.
There's an example of how to use that in their Introduction to System.DirectoryServices.Protocols article.
To add that extended control, I think this should work (untested):
searchRequest.Controls.Add(new DirectoryControl("1.2.840.113556.1.4.2309", null, false, true));