identityReference.Translate(typeof(System.Security.Principal.NTAccount)).ToString() not providing complete...
up vote
0
down vote
favorite
I want to fetch all the groups an user is assigned to. I have used the code block mentioned below:
WindowsIdentity windowsIdentity = new WindowsIdentity(userName);
IdentityReferenceCollection irc = windowsIdentity.Groups;
Console.WriteLine("The groups identified are : ");
foreach (IdentityReference identityReference in irc)
Console.WriteLine(identityReference.Translate(typeof(System.Security.Principal.NTAccount)).ToString());
One of the group detail for the user is:
- domainname for the group is example.com
- group name is Group1
Expected output is: example.comGroup1
Output I got is: exampleGroup1
Can anyone suggest how to get expected output.
Thanks in Advance
c# .net active-directory
edited Nov 20 at 13:50
Gabriel Luci
8,86011223
asked Nov 19 at 11:43
Praveen Sajwan
61
add a comment |
up vote
0
down vote
favorite
I want to fetch all the groups an user is assigned to. I have used the code block mentioned below:
WindowsIdentity windowsIdentity = new WindowsIdentity(userName);
IdentityReferenceCollection irc = windowsIdentity.Groups;
Console.WriteLine("The groups identified are : ");
foreach (IdentityReference identityReference in irc)
Console.WriteLine(identityReference.Translate(typeof(System.Security.Principal.NTAccount)).ToString());
One of the group detail for the user is:
- domainname for the group is example.com
- group name is Group1
Expected output is: example.comGroup1
Output I got is: exampleGroup1
Can anyone suggest how to get expected output.
Thanks in Advance
c# .net active-directory
edited Nov 20 at 13:50
Gabriel Luci
8,86011223
asked Nov 19 at 11:43
Praveen Sajwan
61
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I want to fetch all the groups an user is assigned to. I have used the code block mentioned below:
WindowsIdentity windowsIdentity = new WindowsIdentity(userName);
IdentityReferenceCollection irc = windowsIdentity.Groups;
Console.WriteLine("The groups identified are : ");
foreach (IdentityReference identityReference in irc)
Console.WriteLine(identityReference.Translate(typeof(System.Security.Principal.NTAccount)).ToString());
One of the group detail for the user is:
- domainname for the group is example.com
- group name is Group1
Expected output is: example.comGroup1
Output I got is: exampleGroup1
Can anyone suggest how to get expected output.
Thanks in Advance
c# .net active-directory
edited Nov 20 at 13:50
Gabriel Luci
8,86011223
asked Nov 19 at 11:43
Praveen Sajwan
61
I want to fetch all the groups an user is assigned to. I have used the code block mentioned below:
WindowsIdentity windowsIdentity = new WindowsIdentity(userName);
IdentityReferenceCollection irc = windowsIdentity.Groups;
Console.WriteLine("The groups identified are : ");
foreach (IdentityReference identityReference in irc)
Console.WriteLine(identityReference.Translate(typeof(System.Security.Principal.NTAccount)).ToString());
One of the group detail for the user is:
- domainname for the group is example.com
- group name is Group1
Expected output is: example.comGroup1
Output I got is: exampleGroup1
Can anyone suggest how to get expected output.
Thanks in Advance
c# .net active-directory
c# .net active-directory
edited Nov 20 at 13:50
Gabriel Luci
8,86011223
asked Nov 19 at 11:43
Praveen Sajwan
61
edited Nov 20 at 13:50
Gabriel Luci
8,86011223
asked Nov 19 at 11:43
Praveen Sajwan
61
edited Nov 20 at 13:50
Gabriel Luci
8,86011223
edited Nov 20 at 13:50
Gabriel Luci
8,86011223
edited Nov 20 at 13:50
Gabriel Luci
8,86011223
8,86011223
asked Nov 19 at 11:43
Praveen Sajwan
61
asked Nov 19 at 11:43
Praveen Sajwan
61
asked Nov 19 at 11:43
Praveen Sajwan
61
61
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
Your domain has two names:
- DNS name, which can be looked up in DNS, like
example.com
- NetBIOS name, which is a short name for the domain, used for convenience, like
EXAMPLE
The NetBIOS name is usually similar to the DNS name, but without dots. However it doesn't have to be similar. You could have a domain DNS of example.com, but a NetBIOS name of MYDOMAIN.
When objects are shown the domainusername format, the NetBIOS name is always used. That's why you are seeing EXAMPLEGroup1. So that's entirely normal and expected.
Is there any reason you must have it in the format of DNS nameusername? I don't know of any case where that is required.
As a side note, I wrote an article about getting all of a user's groups, which you may or may not find helpful: Finding all of a user’s groups
Update: If you really need the DNS nameusername format, you can try this (this isn't tested, but it should be close). This will find the group in AD using the SID, then pull the domain's DNS name out of the canonicalName attribute.
foreach (SecurityIdentifier groupSid in irc) {
using (var group = new DirectoryEntry("LDAP://<SID=" + groupSid.Value + ">")) {
group.RefreshCache(new { "canonicalName", "sAMAccountName" });
var canonicalName = group.Properties["canonicalName"].Value.ToString();
var domainDns = canonicalName.Substring(0, canonicalName.IndexOf("/"));
Console.WriteLine(domainDns + "\" + group.Properties["sAMAccountName"].Value);
}
}
answered Nov 20 at 14:02
Gabriel Luci
8,86011223
Thanks for the info Gabriel. Actually i need to compare it against a set of groups, and the group names in that set are in the format of example.comGroup1
– Praveen Sajwan
Nov 21 at 6:26
Why are they in that format? Where did that come from? That format doesn't come from anywhere in AD. It would have had to be manually constructed like that.
– Gabriel Luci
Nov 21 at 13:18
If you really do need that format, I added some code to my answer that should help.
– Gabriel Luci
Nov 21 at 13:55
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
Your domain has two names:
- DNS name, which can be looked up in DNS, like
example.com
- NetBIOS name, which is a short name for the domain, used for convenience, like
EXAMPLE
The NetBIOS name is usually similar to the DNS name, but without dots. However it doesn't have to be similar. You could have a domain DNS of example.com, but a NetBIOS name of MYDOMAIN.
When objects are shown the domainusername format, the NetBIOS name is always used. That's why you are seeing EXAMPLEGroup1. So that's entirely normal and expected.
Is there any reason you must have it in the format of DNS nameusername? I don't know of any case where that is required.
As a side note, I wrote an article about getting all of a user's groups, which you may or may not find helpful: Finding all of a user’s groups
Update: If you really need the DNS nameusername format, you can try this (this isn't tested, but it should be close). This will find the group in AD using the SID, then pull the domain's DNS name out of the canonicalName attribute.
foreach (SecurityIdentifier groupSid in irc) {
using (var group = new DirectoryEntry("LDAP://<SID=" + groupSid.Value + ">")) {
group.RefreshCache(new { "canonicalName", "sAMAccountName" });
var canonicalName = group.Properties["canonicalName"].Value.ToString();
var domainDns = canonicalName.Substring(0, canonicalName.IndexOf("/"));
Console.WriteLine(domainDns + "\" + group.Properties["sAMAccountName"].Value);
}
}
answered Nov 20 at 14:02
Gabriel Luci
8,86011223
Thanks for the info Gabriel. Actually i need to compare it against a set of groups, and the group names in that set are in the format of example.comGroup1
– Praveen Sajwan
Nov 21 at 6:26
Why are they in that format? Where did that come from? That format doesn't come from anywhere in AD. It would have had to be manually constructed like that.
– Gabriel Luci
Nov 21 at 13:18
If you really do need that format, I added some code to my answer that should help.
– Gabriel Luci
Nov 21 at 13:55
add a comment |
up vote
0
down vote
Your domain has two names:
- DNS name, which can be looked up in DNS, like
example.com
- NetBIOS name, which is a short name for the domain, used for convenience, like
EXAMPLE
The NetBIOS name is usually similar to the DNS name, but without dots. However it doesn't have to be similar. You could have a domain DNS of example.com, but a NetBIOS name of MYDOMAIN.
When objects are shown the domainusername format, the NetBIOS name is always used. That's why you are seeing EXAMPLEGroup1. So that's entirely normal and expected.
Is there any reason you must have it in the format of DNS nameusername? I don't know of any case where that is required.
As a side note, I wrote an article about getting all of a user's groups, which you may or may not find helpful: Finding all of a user’s groups
Update: If you really need the DNS nameusername format, you can try this (this isn't tested, but it should be close). This will find the group in AD using the SID, then pull the domain's DNS name out of the canonicalName attribute.
foreach (SecurityIdentifier groupSid in irc) {
using (var group = new DirectoryEntry("LDAP://<SID=" + groupSid.Value + ">")) {
group.RefreshCache(new { "canonicalName", "sAMAccountName" });
var canonicalName = group.Properties["canonicalName"].Value.ToString();
var domainDns = canonicalName.Substring(0, canonicalName.IndexOf("/"));
Console.WriteLine(domainDns + "\" + group.Properties["sAMAccountName"].Value);
}
}
answered Nov 20 at 14:02
Gabriel Luci
8,86011223
Thanks for the info Gabriel. Actually i need to compare it against a set of groups, and the group names in that set are in the format of example.comGroup1
– Praveen Sajwan
Nov 21 at 6:26
Why are they in that format? Where did that come from? That format doesn't come from anywhere in AD. It would have had to be manually constructed like that.
– Gabriel Luci
Nov 21 at 13:18
If you really do need that format, I added some code to my answer that should help.
– Gabriel Luci
Nov 21 at 13:55
add a comment |
up vote
0
down vote
up vote
0
down vote
Your domain has two names:
- DNS name, which can be looked up in DNS, like
example.com
- NetBIOS name, which is a short name for the domain, used for convenience, like
EXAMPLE
The NetBIOS name is usually similar to the DNS name, but without dots. However it doesn't have to be similar. You could have a domain DNS of example.com, but a NetBIOS name of MYDOMAIN.
When objects are shown the domainusername format, the NetBIOS name is always used. That's why you are seeing EXAMPLEGroup1. So that's entirely normal and expected.
Is there any reason you must have it in the format of DNS nameusername? I don't know of any case where that is required.
As a side note, I wrote an article about getting all of a user's groups, which you may or may not find helpful: Finding all of a user’s groups
Update: If you really need the DNS nameusername format, you can try this (this isn't tested, but it should be close). This will find the group in AD using the SID, then pull the domain's DNS name out of the canonicalName attribute.
foreach (SecurityIdentifier groupSid in irc) {
using (var group = new DirectoryEntry("LDAP://<SID=" + groupSid.Value + ">")) {
group.RefreshCache(new { "canonicalName", "sAMAccountName" });
var canonicalName = group.Properties["canonicalName"].Value.ToString();
var domainDns = canonicalName.Substring(0, canonicalName.IndexOf("/"));
Console.WriteLine(domainDns + "\" + group.Properties["sAMAccountName"].Value);
}
}
answered Nov 20 at 14:02
Gabriel Luci
8,86011223
Your domain has two names:
- DNS name, which can be looked up in DNS, like
example.com
- NetBIOS name, which is a short name for the domain, used for convenience, like
EXAMPLE
The NetBIOS name is usually similar to the DNS name, but without dots. However it doesn't have to be similar. You could have a domain DNS of example.com, but a NetBIOS name of MYDOMAIN.
When objects are shown the domainusername format, the NetBIOS name is always used. That's why you are seeing EXAMPLEGroup1. So that's entirely normal and expected.
Is there any reason you must have it in the format of DNS nameusername? I don't know of any case where that is required.
As a side note, I wrote an article about getting all of a user's groups, which you may or may not find helpful: Finding all of a user’s groups
Update: If you really need the DNS nameusername format, you can try this (this isn't tested, but it should be close). This will find the group in AD using the SID, then pull the domain's DNS name out of the canonicalName attribute.
foreach (SecurityIdentifier groupSid in irc) {
using (var group = new DirectoryEntry("LDAP://<SID=" + groupSid.Value + ">")) {
group.RefreshCache(new { "canonicalName", "sAMAccountName" });
var canonicalName = group.Properties["canonicalName"].Value.ToString();
var domainDns = canonicalName.Substring(0, canonicalName.IndexOf("/"));
Console.WriteLine(domainDns + "\" + group.Properties["sAMAccountName"].Value);
}
}
answered Nov 20 at 14:02
Gabriel Luci
8,86011223
edited Nov 21 at 16:44
answered Nov 20 at 14:02
Gabriel Luci
8,86011223
answered Nov 20 at 14:02
Gabriel Luci
8,86011223
answered Nov 20 at 14:02
Gabriel Luci
8,86011223
8,86011223
Thanks for the info Gabriel. Actually i need to compare it against a set of groups, and the group names in that set are in the format of example.comGroup1
– Praveen Sajwan
Nov 21 at 6:26
Why are they in that format? Where did that come from? That format doesn't come from anywhere in AD. It would have had to be manually constructed like that.
– Gabriel Luci
Nov 21 at 13:18
If you really do need that format, I added some code to my answer that should help.
– Gabriel Luci
Nov 21 at 13:55
add a comment |
Thanks for the info Gabriel. Actually i need to compare it against a set of groups, and the group names in that set are in the format of example.comGroup1
– Praveen Sajwan
Nov 21 at 6:26
Why are they in that format? Where did that come from? That format doesn't come from anywhere in AD. It would have had to be manually constructed like that.
– Gabriel Luci
Nov 21 at 13:18
If you really do need that format, I added some code to my answer that should help.
– Gabriel Luci
Nov 21 at 13:55
Thanks for the info Gabriel. Actually i need to compare it against a set of groups, and the group names in that set are in the format of example.comGroup1
– Praveen Sajwan
Nov 21 at 6:26
Thanks for the info Gabriel. Actually i need to compare it against a set of groups, and the group names in that set are in the format of example.comGroup1
– Praveen Sajwan
Nov 21 at 6:26
Why are they in that format? Where did that come from? That format doesn't come from anywhere in AD. It would have had to be manually constructed like that.
– Gabriel Luci
Nov 21 at 13:18
Why are they in that format? Where did that come from? That format doesn't come from anywhere in AD. It would have had to be manually constructed like that.
– Gabriel Luci
Nov 21 at 13:18
If you really do need that format, I added some code to my answer that should help.
– Gabriel Luci
Nov 21 at 13:55
If you really do need that format, I added some code to my answer that should help.
– Gabriel Luci
Nov 21 at 13:55
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53373913%2fidentityreference-translatetypeofsystem-security-principal-ntaccount-tostrin%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
