
Setting a User Group with an Array using Active Directory Domain Services VB.net


I am trying to figure out how to set Users to an array of groups with Data I pulled from another user. I am in the process of creating a User Creation GUI and I am stuck because I am not sure if the data I have is acceptable to pass through.

Currently I have the getGroups class, which grabs the groups from a user that already exists in AD. It is represented in the code below:

Imports System.DirectoryServices

Public Function getUserGroups(ByVal Username As String) As Array

    Dim root As DirectoryEntry = New DirectoryEntry("L....")
    Dim _objDirSearcher As DirectorySearcher = New DirectorySearcher(root)
    'escape LDAP filter metacharacters (RFC 4515) so the name is treated as a literal value
    Dim safeName As String = Username.Replace("\", "\5c").Replace("*", "\2a").Replace("(", "\28").Replace(")", "\29")
    _objDirSearcher.Filter = "(&(objectCategory=user)(name=" + safeName + "))"
    _objDirSearcher.PropertiesToLoad.Add("memberOf")
    Dim arr As Object() = Nothing
    Try
        'get all the user objects matching the search pattern given
        Dim _objResults As SearchResultCollection = _objDirSearcher.FindAll()
        'loop over each object
        Dim _objResult As SearchResult
        For Each _objResult In _objResults
            'check for properties available
            If (Not _objResult Is Nothing) AndAlso _objResult.GetDirectoryEntry().Properties.Count > 0 Then
                'verify that the memberOf property is not null
                Dim value As Object = _objResult.GetDirectoryEntry().Properties("memberOf").Value
                If Not value Is Nothing Then
                    If TypeOf value Is Object() Then
                        'member of several groups: the value is already an array of DNs
                        arr = CType(value, Object())
                    Else
                        'member of a single group: wrap the lone DN so the caller always gets an array
                        arr = New Object() {value}
                    End If
                    Exit For
                End If
            End If
        Next
    Catch e As Exception
        Return Nothing
    End Try

    Return arr
End Function

Then I have some code below to add an AD user to a group; this is the part where I am unclear whether I did it right. The Username variable will hold the newly created username, and then I pass the array of groups from the other user, which is currently in a format like "CN=group name, ou="test",DC=""...."

 Private Sub adUserToGroup(ByVal user As String, ByVal listGroup As Array)
    ' sDomainName represents the location of your LDAP server
    Dim sDomainName As String = "LDAP://ads.yourdomain.edu"
    Dim adUserFolder As DirectoryEntry = New DirectoryEntry("LDAP://ads.yourdommain.edu/DC=ads,DC=yourdomain,DC=edu")

    ' This user is an active directory user and it will need access to write to the group you're trying to add to
    adUserFolder.Username = "<insert user to authenticate as>"
    adUserFolder.Password = "<insert password>"
    Dim adSearch As New System.DirectoryServices.DirectorySearcher(adUserFolder)


    For i = 0 To UBound(listGroup)
        ' bpell being the name of the user that you want to add.
        listGroup(i).Properties("member").Add("CN=" + user + ",OU=Accounts,DC=ads,DC=mydomain,DC=edu")
        listGroup(i).CommitChanges()

    Next
End Sub

Does the code above look correct for what I need it to do? Should I revise it?


Solution

  • I figured it out, I had to break it apart and add the "Children" class to be able to find and access the group. I also made a for loop that strips the "DC" attributes from every string in the array because DC is already established in the LDAP path.

    This is the final product. However, I may initialize currentGroup outside the for loop, as I feel like opening multiple sessions to add value to a group may cause issues.

        Private Sub adUserToGroup(ByVal user As String, ByVal listGroup As Array)

            ' AuthUser and AuthPass are assumed to be defined elsewhere in the class:
            ' an account that is allowed to modify group membership
            Dim de As DirectoryEntry = New DirectoryEntry()

            de.Path = "LDAP://domain.com/DC=Test,DC=COM"
            de.AuthenticationType = AuthenticationTypes.Secure
            de.Username = AuthUser
            de.Password = AuthPass

            ' Add the user to every group in the list
            For i = 0 To UBound(listGroup)
                ' listGroup(i) is the group's name relative to de (DC components already stripped)
                Dim currentGroup As DirectoryEntry = de.Children.Find(CStr(listGroup(i)), "group")
                currentGroup.Properties("member").Add("CN=" + user + ",OU=Employees,OU=Users,DC=test,DC=com")
                currentGroup.CommitChanges()
                ' release the per-group connection before binding to the next group
                currentGroup.Close()
            Next

            de.Close()

        End Sub
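
Both the search filter in getUserGroups and the member DN in adUserToGroup are built by concatenating a name that comes from the GUI, so a name containing `)`, `*` or `,` changes what the filter matches or which object the DN points to. The following is an added example, not code from the original post, that escapes the name per RFC 4515 (filters) and RFC 4514 (DN components); the module and function names are hypothetical and the inputs in Main are constructed.

```vbnet
Imports System
Imports System.Text

Module LdapEscaping
    ' RFC 4515: escape a value before placing it inside a search filter.
    Public Function EscapeFilterValue(ByVal value As String) As String
        Dim sb As New StringBuilder()
        For Each c As Char In value
            Select Case c
                Case "\"c : sb.Append("\5c")
                Case "*"c : sb.Append("\2a")
                Case "("c : sb.Append("\28")
                Case ")"c : sb.Append("\29")
                Case ChrW(0) : sb.Append("\00")
                Case Else : sb.Append(c)
            End Select
        Next
        Return sb.ToString()
    End Function

    ' RFC 4514: escape a value before placing it inside a DN component such as CN=...
    Public Function EscapeDnValue(ByVal value As String) As String
        Dim sb As New StringBuilder()
        For i As Integer = 0 To value.Length - 1
            Dim c As Char = value(i)
            Dim atStart As Boolean = (i = 0) AndAlso (c = " "c OrElse c = "#"c)
            Dim atEnd As Boolean = (i = value.Length - 1) AndAlso c = " "c
            If atStart OrElse atEnd OrElse ",+""\<>;=".IndexOf(c) >= 0 Then sb.Append("\"c)
            sb.Append(c)
        Next
        Return sb.ToString()
    End Function

    ' Filter from getUserGroups, with the name treated as a literal.
    Public Function BuildUserFilter(ByVal username As String) As String
        Return "(&(objectCategory=user)(name=" & EscapeFilterValue(username) & "))"
    End Function

    ' Member DN from adUserToGroup; container is the OU/DC suffix the account lives under.
    Public Function BuildUserDn(ByVal user As String, ByVal container As String) As String
        Return "CN=" & EscapeDnValue(user) & "," & container
    End Function

    Sub Main()
        ' Constructed inputs: a name carrying filter syntax, and a "Last, First" display name.
        Console.WriteLine(BuildUserFilter("smith)(objectClass=*"))
        Console.WriteLine(BuildUserDn("Smith, John", "OU=Employees,OU=Users,DC=test,DC=com"))
    End Sub
End Module
```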