There is a nice web part called “Site Users” that will display SharePoint users and SharePoint Groups that have access to the site on the webpage. This is an out of the box (OOTB) webpart, but will only display the name of the AD group and not the members within it.
In order to display all the user names for the site, we need to create a custom webpart to handle this additional expansion that will query the Active Directory LDAP store. Time to fire up Visual Studio…I won’t go into all the details for solution set up, but here’s the basic functionality…
First we create a function where we pass in an AD group and get back a StringCollection of the users’ names:
//Query Active Directory to get users from Active Directory Groups public StringCollection GetGroupMembers(stringstrGroup) { StringCollection groupMemebers = new StringCollection(); try { DirectoryEntry ent = new DirectoryEntry(LDAP://OU=yourCompanyOU,DC=yourCompanyDC); DirectorySearcher srch = new DirectorySearcher(“(CN=” + strGroup + “)”); SearchResultCollection coll = srch.FindAll(); foreach (SearchResult rs in coll) { ResultPropertyCollection resultPropColl = rs.Properties; foreach (Object memberColl in resultPropColl["member"]) { DirectoryEntry gpMemberEntry = new DirectoryEntry(“LDAP://”+ memberColl); System.DirectoryServices.PropertyCollection userProps = gpMemberEntry.Properties; //getting user properties from AD object obVal = userProps["displayName"].Value; object obAcc = userProps["sAMAccountName"].Value; if (null != obVal) { groupMemebers.Add( “User Name:” +obAcc.ToString() + “, User login name:” + obVal.ToString() + “<br>”); } } } } catch (Exception ex) {//writer.Write(ex.Message);} Return groupMemebers; }
We also need to get the names of the site users from the SharePoint security groups:
ArrayList belongToDomain = new ArrayList(); ArrayList names = new ArrayList(); using(SPSite collSite = new SPSite(SPContext.Current.Site.ID)) { using (SPWeb elevatedWeb = collSite.OpenWeb(SPContext.Current.Web.ID)) {//All users in the site SPUserCollection collUser = SPContext.Current.Web.AllUsers; SPGroupCollection collgroup = SPContext.Current.Web.Groups; //for each item in the collection of groups foreach (object group in collgroup) { //We don’t care about displaying the visitors if (group.ToString() != “Visitors”) { //check that the users in the site collection belong to current site group foreach (SPUser singleuser in collUser) {//get the list of groups that the user belongs to foreach (SPGroup userGroup in singleuser.Groups) {//check if it matches any of the current site groups if (group.ToString() == userGroup.ToString()) {//check if the user from the sharepoint group is a AD group if (singleuser.IsDomainGroup) {//pass the name into Array that query the AD belongToDomain.Add(singleuser.ToString()); } else {//otherwise add into the Array that stores list of names, in case the user name is not from an AD group. names.Add(singleuser.LoginName); } } } } } } } }
Now that we have this big array of user names, we need to make sure that there are no duplicate names, as a user can possibly be in multiple groups. So call the function below and pass in the names array so we have a distinct list:
//remove duplicate users name Function public ArrayList RemoveDups(ArrayList items) { ArrayList noDups = new ArrayList(); foreach (string strItem in items) { if (!noDups.Contains(strItem.Trim())) { noDups.Add(strItem.Trim()); } } noDups.Sort(); return noDups; }
And there you go, full expansion of an AD group to return a distinct ArrayList of users who have access to the site.
Thanks! Exactly what I needed.
Any chance you could post the code in the usable syntax meaning the entire Visual Studio setup? I’m new to SharePoint and Visual Studio.
Man I have been straggling to get this right for two days…! Thanks you made my day short…!