Reputation: 2231
ActiveDirectory - Secondary Owner
I would like to pull out the primary and secondary owners of a group in AD, however, I can not seem to find any way to pull out the secondary owner. Primary owner can be extracted using the code below.
I have gone through all of the items in directory entry properties, which does not seem to contain the secondary owner. Any pointers would be appreciated.
private static string GetGroupOwner(string groupName)
{
string owner = null;
PrincipalContext context = new PrincipalContext(ContextType.Domain);
var group = GroupPrincipal.FindByIdentity(context, IdentityType.SamAccountName, groupName);
if (group != null)
{
DirectoryEntry entry= (DirectoryEntry)group.GetUnderlyingObject();
var propertyValueCollection = (System.DirectoryServices.PropertyValueCollection)entry.Properties["managedBy"];
owner = UserPrincipal.FindByIdentity(context, propertyValueCollection.Value.ToString()).ToString();
}
return owner;
}
Upvotes: 0
Views: 2585
Answers (1)
Reputation: 4678
So far as I am aware Secondary Owners are available only as part of ActiveRoles Server:
http://www.quest.com/activeroles-server/
There is detailed documentation and tools avaialable for interacting with this server.
The secondary owners (of which there can be more than one) are held in the edsvaSecondaryOwners attribute:
http://wiki.powergui.org/index.php/New-QADGroup
Upvotes: 1
Related Questions
- Authorization problem with DirectoryEntry and ActiveDirectorySecurity
- Active Directory and PrincipalPermission
- Creating a new group and setting permissions in Active Directory using C#
- Owner and Co-owner of Groups
- User Group and Role Management in .NET with Active Directory
- Ownership of group in Active Directory,
- How to create DirectoryEntry for specific group
- Issue- Relating To ActiveDirectory Group
- User/Group Permissions in Active Directory
- Active Directory Security Group and Role in asp.net