A user's groups are always have count of zero

Dec 19, 2014 at 9:46 PM
Hello,

I am able to successfully use this library to get all the users in a domain and to get the current user. However, in both cases, I cannot get the users' groups.

I see this code get executed:

[EntryCollectionProperty("memberOf")]
    public EntryCollection<AdGroup> Groups
    {
        get
        {
            return ((IEntryWithRelationships)this).RelationshipManager.GetEntryCollection<AdGroup>("Groups");
        }
    }


However, there are no elements in the returned collection.

My AdGroup implementation:
[DirectoryType("group", "OU=Groups")]
public class AdGroup : EntryObject
{
    private string _name;

    [DirectoryProperty("samaccountname")]
    public string Name
    {
        get
        {
            return _name;
        }

    }

}

Please advise. Thank you.
Dec 22, 2014 at 4:33 PM
I have found that I can get a user and then access a particular element in the memberOf array:

theuser.GetAttribute<object[]>("memberOf")[0].ToString()

Is there a more elegant way to do this?

I tried this:

[EntryCollectionProperty("memberOf", MatchingRule = MatchingRuleType.InChain)]
    public EntryCollection<AdGroup> Groups
    {
        get
        {
            return ((IEntryWithRelationships)this).RelationshipManager.GetEntryCollection<AdGroup>("Groups");
        }
    }


And I tried this:


[EntryCollectionProperty("memberOf", MatchingRule = MatchingRuleType.None)]
    public EntryCollection<AdGroup> Groups { get; set; }

I've tried


[EntryCollectionProperty("memberOf", MatchingRule = MatchingRuleType.None)]
    public string[] Groups { get; set; }

and none of these get me anything useful.

Thanks.
Feb 4, 2015 at 12:06 AM
It's hard to tell exactly where you are trying what you show in your last post, but the implementation we're using is slightly different. Within the User class we have:
[DirectoryType("User", "OU=InternalUsers")]
public class User : UserEntryObject
{
    //... code removed for brevity ... 

    [EntryCollectionProperty("member")]
    public EntryCollection<Group> Groups
    {
        get
        {
            return ((IEntryWithRelationships)this).RelationshipManager.GetEntryCollection<Group>("Groups");
        }
    }
}
And this is the Group class:
[DirectoryType("group", "OU=Groups")]
public class Group : EntryObject
{
    [DirectoryProperty("samaccountname")]
    public string Name { get; set; }

    [EntryCollectionProperty("memberOf", MatchingRule = MatchingRuleType.InChain)]
    public EntryCollection<User> Users
    {
        get
        {
            return ((IEntryWithRelationships)this).RelationshipManager.GetEntryCollection<User>("Users");
        }
    }
}
With this I am able to query AD and check to see if a user is in a group. (CPUContext is our implementation of the DirectoryContext)
using (var context = new CPUContext())
{
    var adUser = context.Users.SingleOrDefault(u => u.UserName == "SomeUserId");
    return adUser != null && adUser.Groups.Any(g => g.Name == "SomeGroupName");
}
Or enumerate all of a user's groups:
using (var context = new CPUContext())
{
    var adUser = context.Users.SingleOrDefault(u => u.UserName == "SomeUserId");
    if(adUser != null)
    {
        foreach(var g in adUser.Groups)
        {
            Console.WriteLine(g.Name);
        }
    }
}