Hi,

I found this handy script and I'm trying to convert it to VB.NET.  It
pops up a list of members in the Administrators/Builtin group.  Can't
seem to get DirectorySearcher or DirectoryEntry working similar to
this.  Run this as a VBS script to see:

Option Explicit
Dim strUser, strMember, strDNSDomain, strContainer
Dim objGroup, objUser, objRootDSE
Dim arrMemberOf

' Bind to Active Directory'
strContainer = "cn=Administrators,cn=Builtin, "
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")

' Get the Builtin Administrators group
Set objGroup = GetObject ("LDAP://"& strContainer & strDNSDomain)
objGroup.getInfo

arrMemberOf = objGroup.GetEx("member")

' Loop = For Each .... Next
WScript.Echo "Members of Group " & strContainer
For Each strMember in arrMemberOf
WScript.echo strMember
Next

Wscript.Quit

Thanks for your help!

Imports System.DirectoryServices
Imports System.Diagnostics
Imports System.Runtime.InteropServices
Imports ActiveDs

    Private Sub cmdQuery_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles cmdQuery.Click
        Dim objMembers As Object = Nothing
        Dim collMembers As IADsMembers = Nothing
        Dim iadsMember As IADsUser
        Dim strServerName As String

        Dim de As New DirectoryEntry()
        Try
            strServerName = "SERVER"
            de.Username = "Username"
            de.Password = "Password"
            de.AuthenticationType = AuthenticationTypes.Secure
            de.Path = "LDAP://" & strServerName & "/CN=Domain
Admins,CN=Users,DC=DomainName,DC=local"

            ' Invoke native method "members"
            objMembers = de.Invoke("Members")
            collMembers = CType(objMembers, IADsMembers)
            collMembers.Filter = "user"
            For Each iadsMember In collMembers
                Debug.WriteLine("Name = " & iadsMember.Name)
            Next

        Catch ex As COMException
            Debug.WriteLine("**Exception**" & vbCrLf & ex.ToString)
        End Try
    End Sub


Show quoteHide quote

Namespace or Type 'ActiveDs' for Imports ActiveDs cannot be found
Type IADsMembers not defined
Type IADsUsers not defined

What's ActiveDs?

Interop.ActiveDs

I added this COM reference.  It's the "Active DS IIS Namespace
Provider" in Visual Studio.

I'm not sure what to specify for Server.

DC=website,DC=com?

your local domain name....

your local extension.

So if your active directory is called

TEST.DS

DC=TEST
DC=DS

Show quoteHide quote

Tried various server names.  Not working for me.

LDAP://" & strServerName & "/CN=Domain
Admins,CN=Users,DC=DomainName,DC=local"

The script above references RootDSE.  It references a domain, not a
server:
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")

where I get:  DC=website,DC=corp,DC=websiteusa,DC=com

Thanks for your response anyway!

DC=website,DC=corp,DC=websiteusa,DC=com

does not work.  This is the domain used in the VBS script above, but
when I use it for .NET it raises an exception.

(names changed to protect the innocent :)

"LDAP://DC=website,DC=corp,DC=websiteusa,DC=com/CN=Domain
Admins,CN=Users,DC=DomainName,DC=local"

Path used.  Works fine in the script... strange!

BTW This works fine:

        Dim oDirent As DirectoryEntry = New
DirectoryEntry("LDAP://DC=website,DC=corp,DC=websiteusa,DC=com")
        Dim oent As DirectoryEntry
        For Each oent In oDirent.Children
            Response.Write(oent.Name & ":" & oent.SchemaClassName &
"<BR>")
        Next

The LDAP specified is a valid domain.  I'm not working with servers at
this point.

This code works, but I'm looking for the members of the Administrator
group, not a list of all groups.

Thanks for your time!

"LDAP://" & strServerName & "/CN=Domain
Admins,CN=Users,DC=DomainName,DC=local"

Note the "Domain Admins" name.
Show quoteHide quote

Yes it says "Domain Admins".

??

This is the line it stops at:

objMembers = de.Invoke("Members")

Error Msg:
**Exception** System.Runtime.InteropServices.COMException (0x80005000):
Unknown error (0x80005000) at
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at
System.DirectoryServices.DirectoryEntry.Bind() at
System.DirectoryServices.DirectoryEntry.get_NativeObject() at
System.DirectoryServices.DirectoryEntry.Invoke(String methodName,
Object[] args) at pgSrvrBuild.LDAPtest.Page_Load(Object sender,
EventArgs e) in
\\webserver.com\wwwroot$\web\Test2\LDAPtest.aspx.vb:line 53

Dim myOU As DirectoryServices.DirectoryEntry = New
DirectoryServices.DirectoryEntry("LDAP://cn=Domain
Admins,cn=Users,dc=DOMAIN,dc=EXT")
        Dim dsUsers As DirectoryServices.DirectorySearcher = New
DirectoryServices.DirectorySearcher(myOU)
        dsUsers.SearchScope = DirectoryServices.SearchScope.Subtree
        dsUsers.Filter = "(objectCategory=Person)"
        dsUsers.PropertiesToLoad.Add("displayName")
        dsUsers.PropertiesToLoad.Add("givenName")
        dsUsers.PropertiesToLoad.Add("sn")
        Dim oSR As DirectoryServices.SearchResult
        For Each oSR In dsUsers.FindAll()
            Debug.WriteLine(oSR.Properties("displayName")(0).ToString())
        Next

Show quoteHide quote

Same error as before.  Here's what I'm trying to do:

strContainer = "cn=Administrators,cn=Builtin, "
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")
'This gives me the DC=, DC=, etc.
'This is important because sometimes my domain controller for Active
Directory changes.

Set objGroup = GetObject ("LDAP://"& strContainer & strDNSDomain)
objGroup.getInfo

arrMemberOf = objGroup.GetEx("member")
'Each member is added to the array...

' Loop = For Each .... Next
WScript.Echo "Members of Group " & strContainer
For Each strMember in arrMemberOf
WScript.echo strMember
'This shows all 4 members in the array.

Re: your code, I appreciate your help.  What does this refer to?
"cn=Domain Admins,cn=Users"  Does not correlate with my VBS script.

Also, this:
            dsUsers.PropertiesToLoad.Add("displayName")
            dsUsers.PropertiesToLoad.Add("givenName")
            dsUsers.PropertiesToLoad.Add("sn")
Not sure what this does.

Try this....

Dim myOU As DirectoryEnTry =  New DirectoryEnTry(LDAP://ou=Domain
Admins,dc=DOMAIN,dc=EXT)

Dim dsUsers As DirectorySearcher =  New DirectorySearcher(myOU)

dsUsers.SearchScope = SearchScope.Subtree
dsUsers.Filter = "(objectCategory=Person)"

dsUsers.PropertiesToLoad.Add("displayName")
dsUsers.PropertiesToLoad.Add("givenName")
dsUsers.PropertiesToLoad.Add("sn")

Dim oSR As SearchResult
For Each oSR In dsUsers.FindAll()
  Debug.Writeline(oSR.Properties("displayName"¨)(0).ToString()
Next


Show quoteHide quote

Tested your new script.  Added quotes around the LDAP directory name.
Results are:
"TEST**Exception** System.Runtime.InteropServices.COMException
(0x80072030): There is no such object on the server at
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at
System.DirectoryServices.DirectoryEntry.Bind() at
System.DirectoryServices.DirectoryEntry.get_AdsObject() at
System.DirectoryServices.DirectorySearcher.FindAll(Boolean
findMoreThanOne) at
System.DirectoryServices.DirectorySearcher.FindAll() at "

Right now not looking for "ou=Domain Admins" I am looking for
"cn=Administrators,cn=Builtin,"  I changed your code to:
"LDAP://cn=Administrators,cn=Builtin,dc=DOMAIN,dc=EXT" ... no Error,
but no results.

After debugging, looks like the filter is removing all the results?
Removed the filter.  Still removing results.  Commented out the
"PropertiesToLoad"... no luck.

Using the VBS script above, I get 4 admins for Administrators/Builtin.

hang in there working on it.

Show quoteHide quote

Try This. In ou put the organizationunit you put your people in.dc is the
name of your local server domain. dc is the extension.

If you don't have any organizational units (if not we need to talk some
more) then this path changes to cn=users.

e.g. My server domain is JJP and its extension is ds thus its name is JJP.ds

domain = JJP

dc=ext

So your line roughly translated is
Dim myOU As DirectoryServices.DirectoryEntry = New
DirectoryServices.DirectoryEntry("LDAP://ou=" & organizaionalunit & ",dc=" &
domain & ",dc=" & ext)



Dim myOU As DirectoryServices.DirectoryEntry = New
DirectoryServices.DirectoryEntry("LDAP://ou=organizaionalunit,dc=domain,dc=ds")
        Dim dsUsers As DirectoryServices.DirectorySearcher = New
DirectoryServices.DirectorySearcher(myOU)
        dsUsers.SearchScope = DirectoryServices.SearchScope.Subtree
        dsUsers.Filter = "(objectCategory=Person)"
        dsUsers.PropertiesToLoad.Add("displayName")
        dsUsers.PropertiesToLoad.Add("givenName")
        dsUsers.PropertiesToLoad.Add("sn")
        dsUsers.PropertiesToLoad.Add("memberof")

        Dim oSR As DirectoryServices.SearchResult

        For Each oSR In dsUsers.FindAll()

            If oSR.Properties.Item("memberof").Count > -1 Then
                Dim i As Integer
                For i = 0 To oSR.Properties.Item("memberof").Count - 1
                    If
oSR.Properties.Item("memberof").Item(i).ToString.IndexOf("Administrator")
                        MsgBox(oSR.Properties.Item("displayName").Item(0))
                        Exit For
                  End If
                Next
            End If

        Next

Show quoteHide quote

Ok, the first lines I have translated are:

Dim strDomain As String
Dim rootds As New DirectoryEntry("LDAP://rootDSE")
strDomain = rootds.Properties("DefaultNamingContext")(0) 'get the name
of the domain
Dim root As New System.DirectoryServices.DirectoryEntry("LDAP://" &
strDomain)

So far so good!

Re your code, what does this mean?
        dsUsers.PropertiesToLoad.Add("displayName")
        dsUsers.PropertiesToLoad.Add("givenName")
        dsUsers.PropertiesToLoad.Add("sn")
        dsUsers.PropertiesToLoad.Add("memberof")
This code is unwarranted.

Your kidding right? I help you and you want to quibble?

I added the other fields to show you how to pull certain fields of data.
MemberOf is critical so you find those in the Administrative groups you are
seeking. Plus you don't want to load all properties if not necessary
especially if you have hundreds of users.

However you come up with your path is up to you. I am showing you how to do
it under a normal ad situation.

Show quoteHide quote

vbnetdev,
Just asking what you mean when you include:
dsUsers.PropertiesToLoad.Add("displayName")
No response from you, that's fine.

BTW: Check this out (works pretty good and no extra code)

        Dim AD As New DirectoryEntry("WinNT://" +
Environment.MachineName + ",computer")
        Dim group As DirectoryEntry =
AD.Children.Find("administrators", "group")
        Dim members As Object = group.Invoke("Members", Nothing)
        Dim member As Object
        For Each member In CType(members, IEnumerable)
            Dim x As New DirectoryEntry(member)
            Response.Write(x.Name)
        Next member

Simple huh?  Done and done!

Glad you got it to work.

I added the properties I did so it only loaded the properties I wanted.
Otherwise it loads all hundred some of them. Your code loads everything. If
you only have a few users however that is no big deal.


Show quoteHide quote

That makes sense!  Thanks again for your time.

Comparing Colors
filter rows in a bound datagrid
Problem: Unwanted Paper feed after printing.
update more than only the email with asp.net membership
Change Report Connection at Runtime
Data Relation Update
Namespace Question ...
problems with URL value in webbrowser app
Delimiter question
Modules in 2005