Updating Windows Security Groups using VB.NET and Directory Services
4.09/5 (11 votes)
Dec 22, 2004
66592
612
How to use directory services to manage group level security. Easily Add, Remove and List users in a Windows domain security group. Note: You must be a Domain Admin to use this code.
Introduction
Do you use Integrated Windows Security to manage permissions in your applications and or databases? The class AD_Group.vb provided in this sample project will let you easily Add, Remove and List users in a Windows group. My development group uses group security in our ASP.NET applications using the User.IsInRole ("Domain\Group") function all the time. We also set permissions to our web directories at the group level. Now we manage our groups easily with VB.NET code. It's a lot quicker than logging on to our DC server and using the Active Directory GUI provided in Windows Server 2000. The Windows application pictured below is one way I put the AD_Group.vb class to good use.
To use this code, add a reference to the DirectoryServices.dll:
After your reference has been added, simply Add Existing Item to your project. Add the AD_Group.vb file contained in this sample project like so:
Then you can call the code like this:
Dim Obj AsNew AD_Group(MyDomain, MyServer, MyGroup)
Obj.RemoveUser("UserName")
That's basically it.