/// <summary>
/// Creates a new group in the domain, using the supplied object for its name and description.
/// </summary>
/// <param name="group">
/// Supplies <c>GroupName</c> (written to both Name and SamAccountName) and
/// <c>Description</c> (written to Info).
/// </param>
/// <remarks>
/// This method performs no authorization check and no validation of the group name;
/// both are left to the caller. It binds with the ServiceUser / ServicePassword credentials.
/// </remarks>
public void CreateGroup(Group group)
{
    // Every new group is created inside GroupsOU, which is passed as the context container.
    // NOTE(review): only ContextOptions.Negotiate is requested, so LDAP signing and sealing
    // are not asked for on a connection that binds with the service account and writes to
    // the directory. Consider Negotiate | Signing | Sealing; confirm against the domain
    // controller policy before changing it.
    // NOTE(review): this method takes Group while UpdateGroup / GetGroupByName work with
    // ADGroup. Confirm that the difference is intentional.
    using (PrincipalContext groupsContext = new PrincipalContext(
        ContextType.Domain,
        ServerName,
        GroupsOU,
        ContextOptions.Negotiate,
        ServiceUser,
        ServicePassword))
    using (GroupPrincipalEx principal = new GroupPrincipalEx(groupsContext))
    {
        string requestedName = group.GroupName;

        principal.Name = requestedName;
        principal.SamAccountName = requestedName;

        // The description is stored in the Info property of the principal.
        principal.Info = group.Description;

        principal.Save();
    }
}
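/// <summary>
/// Updates the specified group in the domain. When <paramref name="oldGroupName"/> is
/// supplied, the group is looked up under that name and renamed to <c>group.GroupName</c>;
/// otherwise the group is looked up by <c>group.GroupName</c> and only its description
/// is updated.
/// </summary>
/// <param name="group">
/// Desired state of the group: <c>GroupName</c> is the current or new name and
/// <c>Description</c> is written to the Info property.
/// </param>
/// <param name="oldGroupName">
/// The name the group currently has when it is being renamed; null or blank when the
/// name has not changed.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="group"/> is null.</exception>
/// <exception cref="ArgumentException"><c>group.GroupName</c> is null or blank.</exception>
/// <remarks>
/// If no group is found under the lookup name the method returns without changing anything.
/// The method performs no authorization check; that is left to the caller.
/// </remarks>
public void UpdateGroup(ADGroup group, string oldGroupName = null)
{
    if (group == null)
    {
        throw new ArgumentNullException("group");
    }

    // Reject an empty name before touching the directory: a rename to a bare "cn=" is
    // never valid, and an empty lookup name cannot identify a group.
    if (string.IsNullOrWhiteSpace(group.GroupName))
    {
        throw new ArgumentException("The group name must not be empty.", "group");
    }

    // NOTE(review): only ContextOptions.Negotiate is requested, so LDAP signing and sealing
    // are not asked for on a connection that binds with the service account and writes to
    // the directory. Consider Negotiate | Signing | Sealing; confirm against the domain
    // controller policy before changing it.
    using (PrincipalContext groupContext = new PrincipalContext(ContextType.Domain, ServerName, null, ContextOptions.Negotiate, ServiceUser, ServicePassword))
    {
        bool isRename = !string.IsNullOrWhiteSpace(oldGroupName);
        string lookupName = isRename ? oldGroupName : group.GroupName;

        using (GroupPrincipalEx adGroup = GroupPrincipalEx.FindByIdentity(groupContext, lookupName))
        {
            if (adGroup == null)
            {
                // Nothing matched the lookup name; leave the directory untouched.
                return;
            }

            if (isRename)
            {
                // The name was changed by the user, so the underlying DirectoryEntry
                // object has to be used to rename the account. The new name must have
                // the form 'cn=<new_group_name>' or the call fails.
                //
                // The group name is caller-supplied data placed inside a relative
                // distinguished name, so it is escaped first. Without escaping, a name
                // containing ',', '+', '=' or similar characters would be read as
                // additional RDN syntax instead of as part of the value.
                var groupEntry = (DirectoryEntry)adGroup.GetUnderlyingObject();
                groupEntry.Rename("cn=" + EscapeRdnValue(group.GroupName));
                groupEntry.CommitChanges();

                // These two additional properties also have to change, but they can be
                // set on the principal without going through the underlying object.
                // NOTE(review): the rename above is already committed at this point. If
                // Save() below fails (for example because the name is not acceptable as a
                // SamAccountName), the CN and the SamAccountName end up out of step.
                // Validating the name before the rename would avoid that.
                adGroup.SamAccountName = group.GroupName;
                adGroup.DisplayName = group.GroupName;
            }

            // The description may have changed as well; it is stored in Info, so it is
            // written on every update to make sure nothing is lost.
            adGroup.Info = group.Description;
            adGroup.Save();
        }
    }
}

// Escapes a value for use as an attribute value inside an RDN (RFC 4514 special characters).
private static string EscapeRdnValue(string value)
{
    var escaped = new System.Text.StringBuilder(value.Length + 8);

    for (int i = 0; i < value.Length; i++)
    {
        char c = value[i];
        bool atStart = i == 0;
        bool atEnd = i == value.Length - 1;

        if (c == '\0')
        {
            // NUL has no character escape; it is written as a hex pair.
            escaped.Append("\\00");
        }
        else if (c == '\\' || c == ',' || c == '+' || c == '"' || c == '<' || c == '>' || c == ';' || c == '='
                 || (atStart && (c == '#' || c == ' '))
                 || (atEnd && c == ' '))
        {
            escaped.Append('\\').Append(c);
        }
        else
        {
            // NOTE(review): ADSI paths also treat '/' as special; confirm whether the
            // value passed to Rename needs it escaped as well.
            escaped.Append(c);
        }
    }

    return escaped.ToString();
}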
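/// <summary>
/// Gets group information and its user members from the domain.
/// </summary>
/// <param name="groupName">Identity of the group to look up.</param>
/// <returns>
/// An <c>ADGroup</c> with the group's name, its description (or a placeholder text when
/// Info is blank) and a dictionary that maps each user member's SamAccountName to a
/// display name; <c>null</c> when no group matches <paramref name="groupName"/>.
/// </returns>
/// <remarks>
/// Only members that are <c>UserPrincipal</c> objects are listed. Nested groups and other
/// kinds of principal are skipped, and the parameterless GetMembers() call is used, so the
/// result should not be treated as the complete effective membership (for example in an
/// access review). NOTE(review): this assumes GroupPrincipalEx inherits GetMembers() from
/// GroupPrincipal. Confirm.
/// </remarks>
public ADGroup GetGroupByName(string groupName)
{
    // NOTE(review): only ContextOptions.Negotiate is requested, so LDAP signing and sealing
    // are not asked for on a connection that binds with the service account. Consider
    // Negotiate | Signing | Sealing; confirm against the domain controller policy.
    using (PrincipalContext context = new PrincipalContext(ContextType.Domain, ServerName, null, ContextOptions.Negotiate, ServiceUser, ServicePassword))
    using (GroupPrincipalEx adGroup = GroupPrincipalEx.FindByIdentity(context, groupName))
    {
        // UpdateGroup already null-checks the result of FindByIdentity. Without the same
        // check here, an unknown group name ends in a NullReferenceException.
        if (adGroup == null)
        {
            return null;
        }

        ADGroup group = new ADGroup();
        group.GroupName = adGroup.Name;
        group.Description = string.IsNullOrWhiteSpace(adGroup.Info)
            ? "No description for group."
            : adGroup.Info;
        group.Members = new Dictionary<string, string>();

        // The member search result holds directory resources, so it is disposed once the
        // members have been copied out.
        using (var members = adGroup.GetMembers())
        {
            // OfType<UserPrincipal> keeps only user accounts and gives typed access to
            // user-specific properties such as DisplayName.
            foreach (var user in members.OfType<UserPrincipal>())
            {
                // Fall back to the account name when the user has no display name.
                string shownName = String.IsNullOrEmpty(user.DisplayName)
                    ? user.SamAccountName
                    : user.DisplayName;

                // NOTE(review): Add throws if two members share a SamAccountName (possibly
                // members from different domains). Verify whether that can occur here.
                group.Members.Add(user.SamAccountName, shownName);
            }
        }

        return group;
    }
}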