There are several ways to get this information:
- Get all users from an AD group (http://omegacoder.com/?p=236) and then build a FQDN with the info retrieved. Compare the literals and get an answer.
- Get all the info from your AD and try something from this (extremely large) article: http://www.codeproject.com/KB/system/everythingInAD.aspx
But the easiest way I found was using the System.DirectoryServices.AccountManagement namespace. Incredible short implementation, best results… so something like this will solve the problem.
using System.DirectoryServices.AccountManagement;
protected bool CurrentUserIsMemberOfGroup(string groupName)
{
string userLogin = SPContext.Current.Web.CurrentUser.LoginName;
// To get the right context, run with elevated privileges
SPSecurity.RunWithElevatedPrivileges(delegate()
{
var principalContext = new PrincipalContext(ContextType.Domain);
var userPrincipal = UserPrincipal.FindByIdentity(principalContext, System.DirectoryServices.AccountManagement.IdentityType.SamAccountName, userLogin);
var group = GroupPrincipal.FindByIdentity(principalContext , groupName);
return userPrincipal.IsMemberOf(group);
});
}
Notice the SPSecurity.RunWithElevatedPrivileges, as it is necessary to get the info from our AD (in case it is not located in the same machine as our beloved SharePoint). Otherwise, you won’t get access to the “ContextType.Domain”.
Hope this helps somebody.
Cheers!
Legend...
ReplyDelete