Get a list of all SharePoint group’s users including active directory group

Hello everyone,

Today I’ll talk about a request I had some time ago. The client wanted a list of all members of a SharePoint group.

At first sight no worries, just use a

SPGroup group;            
group.Users ;

Except that later in development, the use of active directory groups has been determined to facilitate user management.
And here, it does not interest the customer to see the name of its active directory groups! (Strange isn’t it?)

So now, after some research and several tests I found the SPPrincipalInfo class and the PrincipalType attribute :

This class, found via the Microsoft.SharePoint.Utilities assembly, tests whether the user is a security group, in other words, if it is an Active Directory group.

So here I am with the first part of my code


                using (SPSite adminSite = new SPSite(SPContext.Current.Site.ID))
                    using (SPWeb adminWeb = adminSite.OpenWeb(SPContext.Current.Web.ID))
                        string myGroup = "GroupName";
                        List listeUsers = new List();
                        bool reachedMax;
                        SPPrincipalInfo[] principals = SPUtility.GetPrincipalsInGroup(adminWeb, myGroup, 500, out reachedMax);
                        foreach (SPPrincipalInfo item in principals)
                            if (item.PrincipalType == SPPrincipalType.SecurityGroup)
                                string[] temp = item.DisplayName.Split('\\');
                                listeUsers.AddRange(GetGroupMembers(temp[temp.Length - 1]));
                                //listeUsers.Add(item.LoginName.ToLower());//display the login name
                                listeUsers.Add(item.DisplayName.ToLower());//display the display name

The distinction between users and SharePoint active directory group is made, it now remains only to query the active directory to retrieve all users in that group.

public List GetGroupMembers(string strGroup)
            List groupMemebers = new List();

                DirectoryEntry ent = new DirectoryEntry("LDAP://DC=Test,DC=COM");// Change by your AD link

                DirectorySearcher srch = new DirectorySearcher("(CN=" + strGroup + ")");

                SearchResultCollection coll = srch.FindAll();

                foreach (SearchResult rs in coll)
                    ResultPropertyCollection resultPropColl = rs.Properties;

                    foreach (Object memberColl in resultPropColl["member"])
                        DirectoryEntry gpMemberEntry = new DirectoryEntry("LDAP://" + memberColl);

                        System.DirectoryServices.PropertyCollection userProps = gpMemberEntry.Properties;

                        //getting user properties from AD

                        object obVal = userProps["displayName"].Value;
                        object obAcc = userProps["sAMAccountName"].Value;

                        if (null != obVal)
                            groupMemebers.Add(obVal.ToString().ToLower());//display the display name
                            //groupMemebers.Add(obAcc.ToString());//Display the login
                        else groupMemebers.AddRange(GetGroupMembers(userProps["sAMAccountName"].Value.ToString()));


            catch (Exception ex)

            return groupMemebers;


And voila, we have a list of all members of our group SharePoint!

Edit : There is another way of doing this here



3 thoughts on “Get a list of all SharePoint group’s users including active directory group

  1. Pingback: Get all users from SharePoint group including active directory group V2 | Christopher Clement

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s