How to get user properties (specifically group/OU membership) via LDAP?

[PPettit]

I'm working on a site that uses Active Directory for authentication. I want to display certain menu items based on the users' group membership. How do I do this? I've tried tons of examples from around the Internet, but nothing is working. I'm guessing that I'm missing something relatively simple and probably has to do with the path that I'm using.

As a test, I tried this bit of code to see if I could get the details of a user:

    Private Sub Test()
        ' Bind to a specific user.
        Dim path As String
        path = "LDAP://CN=User Name,CN=users, DC=fabrikam,DC=com"
        Dim entry As New DirectoryEntry(path)

        ' Create a DirectorySearcher object.
        Dim mySearcher As New DirectorySearcher(entry)
        mySearcher.SearchScope = SearchScope.Base

        ' Use the FindOne method to find the user object.
        Dim resEnt As SearchResult = mySearcher.FindOne()

        Dim propKey As String
        For Each propKey In resEnt.Properties.PropertyNames
            ' Display each of the values for the property 
            ' identified by the property name.
            Dim prop As Object
            For Each prop In resEnt.Properties(propKey)
                Debug.Print("{0}:{1}", propKey, [prop].ToString())
            Next prop
        Next propKey
    End Sub

What should the path be if I'm trying to find the group/OU membership for a user named "jdoe" on domain "mydomain.mycompany.com"? The user is in an OU off the root named "MyCompany Users". It hought that it would be something like this:

LDAP://CN=jdoe,CN=MyCompany Users, DC=mydomain, DC=mycompany, DC=com

but it doesn't appear to work. Any idea as to what I'm doing wrong?

 

[PPettit]

I managed to figure out a solution that I can work with. I figured I'd post my solution here in case someone else stumbled across this post while trying to figure out a similar problem.

My issues were:
1. The path should have just been my domain info.
2. SearchScope should have been set to "Subtree" instead of "Base" so that it could search the entire domain instead of just at the level that I started with.
3. Needed to set the search filter to look for the account name.

    Private Sub Test()
        ' Bind to a specific user.
        Dim path As String
        [b][i]path = "LDAP://DC=mydomain,DC=mycompany,DC=com"[/i][/b]
        Dim entry As New DirectoryEntry(path)

        ' Create a DirectorySearcher object.
        Dim mySearcher As New DirectorySearcher(entry)
        [b][i]mySearcher.SearchScope = SearchScope.Subtree[/i][/b]
        [b][i]mySearcher.Filter = "(&(samaccountname=jdoe[/i][/b]))"

        ' Use the FindOne method to find the user object.
        Dim resEnt As SearchResult = mySearcher.FindOne()

        Dim propKey As String
        For Each propKey In resEnt.Properties.PropertyNames
            ' Display each of the values for the property 
            ' identified by the property name.
            Dim prop As Object
            For Each prop In resEnt.Properties(propKey)
                Debug.Print("{0}:{1}", propKey, [prop].ToString())
            Next prop
        Next propKey
    End Sub

 

[jbenson001]

Glad you found it and posted for other to see that may have the same issue.