Check if user is part of AD group using System.DirectoryServices.AccountManagement namespace
I am trying to validate a user from SharePoint to see if a user exists within an AD group. SharePoint does not allow you to do this so I am using the:
using
System.DirectoryServices.AccountManagement;
to validate user existance within that AD group. I found the following method that allows me to validate but bombing on me:
public bool IsUserInGroup(string username, string groupname, ContextType type)
PrincipalContext context = new PrincipalContext(type);
UserPrincipal user = UserPrincipal.FindByIdentity( context, IdentityType.Name, username);
GroupPrincipal group = GroupPrincipal.FindByIdentity(context, groupname);
return user.IsMemberOf(group);
When I call my method, i get
An operations error occurred.
I read that it might be an impersination error but I have my web.config set up already with:
<
authentication mode="Windows" />
<
identity impersonate="true" />
Any suggestions from someone that has worked with that namespace on SharePoint? I just want to plainly check to see if a user is part of a certain group on AD from SharePoint.
Victor Palma
“An operations error occurred. “ may suggest a COMException is occurred.
I wrote an simple console application that works:
static void Main(string [] args)
Console .WriteLine(IsUserInGroup("Administrator" , "Domain Admins" ));
public static bool IsUserInGroup(string username, string groupname)
var foundUser = false ;
var context = new PrincipalContext (ContextType .Domain, "DC" );
var group = GroupPrincipal .FindByIdentity(context, groupname);
if (group == null )
context.Dispose();
throw new Exception ("Group could not be found: " + groupname);
// GetMembers(true) is recursive (groups-within-groups)
foreach (var member in group.GetMembers(true ))
try
if (member.SamAccountName.Equals(username))
foundUser = true ;
break ;
catch (Exception )
// One of the members could not be retrieved, moving on...
group.Dispose();
context.Dispose();
return foundUser;
Reference:
Recursive Active Directory group membership using System.DirectoryServices in .NET 3.5(http://www.lessanvaezi.com/recursive-active-directory-group-membership-using-system-directoryservices-in-net-3-5/)
Another important notice:
How to use the System.DirectoryServices namespace in ASP.NET(http://support.microsoft.com/default.aspx/kb/329986)
Keep It Simple and Stupid.
Similar Messages
-
Check if user belongs to specific sharepoint group using designer workflow
Hi,
I am developing a SharePoint 2010 Designer workflow [Reusable workflow].
Can I check if the workflow initiator belongs to specific SharePoint group. Do we have any action/activity for this?
I have some business logic that needs to be executed if user initiating the workflow belongs to specific SharePoint group.
Any suggestions/pointers on this would be highly appreciated.
Regards, Ketan GandhiHi,
You will not able to see it OOTB. You can refer this link if you want this
workflow action.
http://spdactivities.codeplex.com.
Thanks.Please mark it as an answer if it helped. -
Dsget - query users *NOT* part of a group
Hi all,
Is it possible to query a distribution group, to display users *NOT* part of that group? Basically I need to work out which users are missing from a particular group. I can use dsget to obtain a list of members in part of a group but I need to do the reverse;
"tell me who are missing from groupA". Is this possible?
Thanks,
ChristianYou can retrieve the DN of all users in the domain that are not direct members of a specified group using dsquery. For example (this is one line):
dsquery * -filter "(&(objectCategory=person)(objectClass=user)(!(memberOf=TestGroup,ou=West,dc=MyDomain,dc=com))) -limit 0 > NotInGroup.txt
You must specify the full Distinguished Name of the group in the (memberOf=xxx) clause. In this case I redirected the output to a text file, NotInGroup.txt. However, since the "Primary" group of a user is never included in the memberOf attribute of
the user, this will not work if the specified group is the "primary" for any users. This limitation should only apply to the group "Domain Users", which by default is "primary" for all users. There are other ways to handle this if the group is "primary"
for anyone.
Richard Mueller - MVP Directory Services -
How to check if user is part of the specific OU in Active Directory
Hi :
We are trying to check if user is part of the specific OU or not , to do this I am invoking "Get Object Property Value"
since if user is part of that OU in that case it should be able to get that property .
However this activity is failing and not able to search for any proeprty , below is the snapshot of workflow which
I have created for this , I am logging to cisco.com domain for this .Hi Anil
You can run the "Get User Distinguished Name" action. This uses the login CISCO\username in your case to return the distinguished name which you are inputting including its OU.
You could then run the get object property with the input LDAP path being the results from the Distinguished Name.
Regards,
Matt -
Hi there,
I am working on a SharePoint list and i would like users to be assigned permissions to items based on their groups.
I did look at using workflows but i couldnt find anything useful :(
Any tips or advice would be appreciated.
CheersNow that SP2013 workflows allow you to run web services, you could use REST/SOAP web service that, as I recall, allows you to enumerate a group for members:
http://yoursite/yourmanagedpath/yoursitecollection/yoursite/_vti_bin/usergroup.asmx
Do some reading on the GetUserCollectionFromGroup method and see if that doesn't get you what you are looking for... -
Any Simple Way to check wheter the user is belongs to SharePoint Group in Client object model
Hi All,
Generally we follow these steps to check whether user belongs to this perticular group:
1.Get the "Group" object from the Group Collection based on the group name
2.Get all UserCollection from the "Group" object
3.Take a loop and check with each user object (eg User.ID="777473844")
I am thinking this is time taking process( if group has more than 100 members).
Do we have any shortway to check whether user is belongs to this perticular SharePoint Group?
Thanks in Advance!
Thanks,
Mahesh Yamana
Mahesh@SharepointSolutionsHi Mahesh,
Below is a CSOM JS code to check whether a user belongs to a group. We get the current user object, and then the list of Groups which the user is part of. And then check if the required group is present or not in the collection.
function retrieveWebSite() {
var clientContext = new SP.ClientContext.get_current();
this.oWebsite = clientContext.get_web();
this.oCurrentUser = this.oWebsite.get_currentUser();
this.oUserGroups = this.oCurrentUser.get_groups();
clientContext.load(this.oUserGroups);
clientContext.executeQueryAsync(
Function.createDelegate(this, this.onQuerySucceeded),
Function.createDelegate(this, this.onQueryFailed)
function onQuerySucceeded(sender, args) {
var Group1 = "Group Name One";
var Group2 = "Group Name Two";
var flag = false;
var iCount = this.oUserGroups.get_count();
for(var i=0; i<iCount; i++)
oGroup = this.oUserGroups.getItemAtIndex(i);
if(oGroup.get_title() != Group1 && oGroup.get_title() != Group2)
flag=true;
else
flag=false; break;
if(flag == true)
//Write your logic here
function onQueryFailed(sender, args) {
alert('Request failed. ' + args.get_message() +
'\n' + args.get_stackTrace());
Ram Prasad Meenavalli | MCITP | MCTS SharePoint | MCPD SharePoint | http://www.spdeveloper.co.in -
Add multiple users to AD Group using AddRange
All,
I am trying to add multiple users to an AD security group using AddRange method but no luck.
Reason why I am using AddRange method is, the memberlist is pretty big (30K users) and Quest or MSFT AD Cmdlets taking plenty of time to add them.
I am following the instruction per http://msdn.microsoft.com/en-in/library/ms180904(v=vs.80).aspx but no luck.
Code snippet:
$groupmembers = Get-Content C:\Temp\MemberDN.txt
$getgroup = [ADSI]"LDAP://CN=MYADGROUP,OU=GROUPS,DC=CONTOSO,DC=COM"
$getgroup.properties.member.AddRange($groupmembers)
#$getgroup.properties["member"].AddRange($groupmembers)
$getgroup.CommitChanges()
#$getgroup.SetInfo()
I tried using ADSPATH as well but no luck.
Any help or pointers are appreciated.
Thanks.Hi PSPR,
I agree with David .
Also I tested that on my server2012r2 , please refer to :
$user="cn=test1,cn=users,dc=test,dc=com","cn=test2,cn=users,dc=test,dc=com"
$obj=[adsi]"LDAP://cn=test,cn=users,dc=test,dc=com"
$obj.member.addrange($user)
$obj.commitchanges()
Hope it helps
Best Regards
Elton Ji
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
What is t-code SHD0's 'Variant Groups' used for?
hi all:
What is t-code SHD0's 'Variant Groups' used for?
It seems can't work,who can help me?
thanksss.Variant groups
An extension of the standard variants is involved in the variant groups; the standard groups are often insufficient:
Different users (groups) should work with different variants;
Some users should be able to execute a transaction with different variants.
This is possible - in addition to the advantages that the standard variants offer - with variant groups:
Variants from variant groups are automatically applied, but only for users that are assigned to them.
A user can be assigned to several groups and can change the assignment.
The values of the groups are not applied in the batch input mode.
If a transaction is started with another transaction variant, the values are not additionally applied to a variant group.
How are the variant groups maintained?
You can enter the group names on the "Variant Group" tab and maintain variant groups with the "Create" or "Change" functions.
The group name must be in the "correct" namespace.
In addition, there are two Where-Used Lists:
Which users are assigned to the group,
For which transactions the group applies.
Which transaction variants belong to the groups?
The name of a transaction variant that is to belong to a group meets the following naming conventions:
<Name of variant group><name of transaction code>. Example: A transaction variant is to be created for the XYZ transaction that belongs to GROUP1. The name of the transaction variant is then GROUP1XYZ.
Due to this naming convention, the group name must be in the "correct" namespace.
Transaction variants that (randomly) meet this naming convention do not necessarily belong to a group. The group assignment is activated by
1. Creating a group
2. Assigning users to this group
A transaction variant that belongs to a group can also be used this way, like a transaction variant without a group.
How are the transaction variants that belong to a group maintained?
Transaction variants that belong to a group are maintained in the same way as all other transaction variants, they are distinguished using a naming convention (<name of variant group> <name of transaction codes>).
They can be maintained in the "transaction variants" tab or in the "variant groups" tab. If you maintain them in the "variant groups" tab, you must always enter the transaction code so that the name of the transaction variant can be determined.
Under what conditions is a variant from a group applied?
A variant from a group is applied if users are assigned.
(Only for the assigned users, all other users get the original transaction with a variant from a different group.)
It is NOT sufficient to
Create a group
Create a variant that satisfies the naming convention.
How do you assign users to groups?
You can assign users in the "variant groups" tab in the "user assignment".
Enter the user name.
The user is assigned to the group with the "assign" function, but they see original transaction(s) or the transactions with variants from another group as the proposal.
The assignment of users to the group is deleted using the "delete assignment" function.
The user is assigned to the group using the "Set Proposal" function and the relevant transactions are started for this user with the corresponding variants.
The proposal is canceled with the "Cancel Proposal" function, the assignment itself remains.
If you enter the user names generically (*), you receive a selection screen in which you can
Choose whether assignments or proposals are to be changed
Further restrict user names (the group in the "all users from group" option has nothing to do with the variant group, it concerns the "user group for authorization check" from the user master record (logon data)).
By choosing "Execute", you receive a list in which you can further restrict the user selection. The "Save" function saves the assignments for all selected users.
If you want to start the report in the background, you can choose if just the list should be outputted, or if the database changes should also be performed.
If a user is additionally also to be able to execute the original transaction, he must be assigned to the "empty group", the allocation takes place in the same way, in this case, nothing is simply entered in the group name field.
Regards,
Joy. -
Checking to see if the current User is part of the "Administrator Group"
I am writing an installer for my program - in java - that basically just executes a .jar file. In the past, my software had a disclaimer that just tells the user to make sure that they are an administrator before installing - but we are not currently enforcing that.
So my task is to develop a snippet of code that returns a boolean (true if the user has privileges, false if the user does not). Essentially checking to see if the user is part of the Administrators Group in windows. I created a creative solution for the Unix side of this problem, checking the root group, and some path names for root... but I am stumped on the Windows side of things. I KNOW there is a solution in C, in fact I have already created it (it involves a simple import of windows.h and a static variable check), but I would like a java solution instead.
I have researched a bit in the java.security API and the JNI interface for executing my C code in java... but I would like to post here in case there is a simpler solution that I may be overlooking. The windows platform is XP for the most part, but possibly Vista as well.
Thanks in advance for your replies, and sorry if this is a double-post, I tried searching beforehand.i found out that the fsutil command will not run correctly you are not a local administrator it gives the error message "The FSUTIL utility requires that you have administrative privileges.", right now i am using some string manipulation to try and catch this - another good command line option is net localgroups Administrataor
-
same user with administrative rights on all the servers in single domain user as a part of administrator group in all the servers:
same user is configured as administrator on all the servers in one domain at windows 2003 server. Should this user be made part of domain admin and then this can be set up in the group of administrator for all the servers.
How this is technically different?
If same user is set up as an administrator on all the servers in domain, will it have the same access on all the files as a domain admin user?
dhomyaIf the account is not admin on the domaincontrollers and the account is not member of domain admins or any other privileged AD group, the account has only user privileges on AD and thus cannot perform actions like creating and managing accounts,
groups, OUs,policies, sites, ...in other words cannot potentially ruin Active Directory.
I think that is a pretty big difference.
In fact, it is bad practice to perform you daily server management with an AD privileged account.
In regards of file access. The domain administrator will be just an admin, and thus has the privilies assigned to the local admin group, just as any other admin. But if it are different accounts they might be member of different groups assigning different
privileges. Always be carefull when assuming resulting privileges will be the same.
MCP/MCSA/MCTS/MCITP -
Hi Scripts guys,
I am new to powershell . I would like to achieve the following :
1. to check e.g if current logon user is member of .e.g. to domain1\group1
if yes then execute another
a. do a subst of a: to d:
b. follow by executing the 2nd cmd e.g execute.ps1
else exit and
proceed with execute.ps1
please advice how best to achieve this ? Thanks in advance for your help :)When testing the "current user" for group memberships, I prefer to do it locally using the user's logon token rather than having to query the directory. This has the advantage of automatically dealing with nested group memberships, and working
with local / builtin groups as well. Something along these lines:
function Test-CurrentUserIsMember
[CmdletBinding()]
param (
[Parameter(Mandatory = $true)]
$Group
$sid = $Group -as [System.Security.Principal.SecurityIdentifier]
if ($null -eq $sid)
$account = $Group
if ($account -isnot [System.Security.Principal.IdentityReference])
$account = [System.Security.Principal.NTAccount][string]$Group
try
$sid = $account.Translate([System.Security.Principal.SecurityIdentifier])
catch
throw "Group '$Group' could not be resolved to a Security Identifier"
return ([System.Security.Principal.WindowsIdentity]::GetCurrent().Groups -contains $sid)
if (Test-CurrentUserIsMember -Group 'DOMAIN1\Group1')
# User is a member of the group (directly, or via nested group memberships.)
Write-Host "Is Member"
else
# User is not a member of the group.
Write-Host "Is Not Member" -
ACS 4.2 - one local user be part of multiple local groups
Hello,
I have a group of network engineers that need full admin access to two groups locally in ACS - Network Admins and LMS Admins <--- (New group created for recent LMS CiscoWorks installation).
I have two NDG's - Cores and LMSserver <-- new
Problem: If a user belongs to Network Admins group, user can login to the LMS server but limited functions. If user is moved to LMS admin has full functions but loses level 15 access to the routers and switches, which are AAA clients for Cores.
I've tried many different settings and still can not find the right one. Is this doable in ACSv4.2?
Thank you very much in advanced for your input.
Cheers!Here is the a workaround to solve it.
Lets say that you have three different groups on AD for NetworkAdmin, RouterAdmin, Wireless.
Go to external user database ==Database Group Mappings==Windows NT/2000==select the domain to which you are authenticating==Add mapping.
Select the AD group NetworkAdmin and map it to ciscosecure group 1
select the AD group RouterAdmin and map it to ciscosecure group 2
select the AD group Wireless and map it to ciscosecure group 3
Group mappings work in the order in which they are defined, first configured mapping is looked upon first then second, third and so on. If a user is in AD group NetworkAdmin and
that is mapped to ACS group 1 and it is first configured mapping it will be looked for FIRST (If a user exists in NetworkAdmin group it will always be mapped to ciscosecure
group 1 and NO further Mappings for this user is checked and user is authenticated or rejected)
Scenario: if you have a user called cisco, in NetworkAdmin group, cisco1 in RouterAdmin group, and cisco2 in Wireless. They will always be dynamically mapped to ACS group 1, 2
and 3 respectively as per above mappings.
You can check the mappings on the passed authentications for users as to what group are they getting mapped to.
SCENARIO:
Now if you want a NetworkAdmin user to authenticate to NetworkAdmin devices and not wireless or RouterAdmin devices you would need to apply NARs to group 1 because
NetworkAdmin users are connecting to that group. Which you will permit Access on group basis to a particular NetworkAdmin NDG or individual NetworkAdmin NAS device.
NOTE:
If you are applying NARs for Wireless or VPN devices.. you would need to configure both IP based AND CLI/DNIS based together because NARs were originally designed for cisco IOS for
routers and switches.
IMPORTANT: If a user successfully authenticates to AD database once, its username is cached on the ACS database (NOT password) the only way to remove the previously cached
username is to go to usersetup find that user and delete it manually.
ACS will not support the following configuration:
*An active directory user that is a member of 3 AD groups (group A, B and C) *Those 3 groups are mapped within ACS as follows Group1->A,Group2->B and Group3->C.
*The user is in all 3 groups however he will always be authenticated by group 1 because that is the first group he appears in, even if there is a NAR configured assigning
specific AAA clients to the group.
However there if your mappings are in below order...
NT Groups ACS groups
A,B,C =============> Group 1
A =============> Group 2
B =============> Group 3
C =============> Group 4.
You can create a DIFFERENT rule for the users in A,B,C by configuring the NARs in group1.
This rule WILL apply for the use ONLY if he is present in ALL three groups (A,B and C).
You can create a rule for users in group A (Group 2)
You can create a rule for users in group B (Group 3)
You can create a rule for users in group C (Group 4)
Please check this links
Group mapping order:
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/qg.htm
#wp940485
Regards,
~JG
Do rate helpful posts -
ECMA script to check if user is a member of sharepoint group
Hi All,
I need to check if the current user belongs to s particular SP group using ECMA script. I have written the following code
function CheckIfCurrentUserIsCoordinator() {
var clientContext = new SP.ClientContext.get_current();
this.collGroup = clientContext.get_web().get_siteGroups();
clientContext.load(collGroup);
clientContext.load(collGroup, 'Include(Users)');
this.currentUser = clientContext.get_web().get_currentUser();
clientContext.load(currentUser);
clientContext.executeQueryAsync(Function.createDelegate(this, this.onQuerySucceeded), Function.createDelegate(this, this.onQueryFailed));
function onQuerySucceeded(sender, args) {
var UserExistInGroup = false;
var groupEnumerator = collGroup.getEnumerator();
while (groupEnumerator.moveNext()) {
var oGroup = groupEnumerator.get_current();
if(oGroup.get_title()=='Group A')
var collUser = oGroup.get_users();
var userEnumerator = collUser.getEnumerator();
while (userEnumerator.moveNext()) {
var oUser = userEnumerator.get_current();
if (oUser.get_loginName() == currentUser.get_loginName()) {
UserExistInGroup = true;
break;
if(UserExistInGroup)
break;
if(UserExistInGroup)
//code
function onQueryFailed(sender, args) {
alert('Request failed. ' + args.get_message() + '\n' + args.get_stackTrace());
The code works fine if i log-in as a site collection owner. If i log-in as any other user having contribute access on site I get following error message
"Access Denied. You do not have permission to perform this action or access this resource."
What permission do i need to give users so that they can loop through all site groups and users?
Thanks,
AmeyaHey,
Please check group settings for your group and set below property
Who can view the membership of the group? to Everyone. It may resolve access related issue.
Thanks. Please mark it as answer if it helps. -
Hi I would like to be able to check if the logged in user is a member of the administrator group programatically through c#
I know that I can get the user's GUID / check if they are actually a user in project server (resource table in reporting DB) but I am having trouble finding out how to programatically check if they are a member of the "Administrators" group.
Could somebody please provide a code sample of how to check if a user is in the administrators group when you have their GUID or username or name?
I did not see a table in the reporting DB that has this so I am guessing this has to be done through the PSI..
Thanks in advance!
BTW.. i am just wondering is there a way to check each groups permission levels? was wondering that if it is possible, what is the best way to implement a similar security model to that of the actual project server 2010hi Amit :) I ended up finding the answer myself before you posted here but thank you for your reply anyways, it is basically the same thing that I did.
This is what I ended up doing :) Basically I have three different types of users configured in my web.config - admins, readwrite users, and read only users. In my code here I loop through and find out who the person is. Based on what group they are in I
can later show/hide different options in my application :)
SvcSecurity.SecurityClient security = new SecurityClient(ENDPOINT_PROJ_SECURITY);
string adminGroupsString = ConfigurationManager.AppSettings["adminGroups"];
string readWriteString = ConfigurationManager.AppSettings["readWriteGroups"];
string readOnlyString = ConfigurationManager.AppSettings["readOnlyGroups"];
List<string> adminGroups = new List<string>(adminGroupsString.Split(';'));
List<string> readWriteGroups = new List<string>(readWriteString.Split(';'));
List<string> readOnlyGroups = new List<string>(readOnlyString.Split(';'));
List<Guid> adminGroupIDs = new List<Guid>();
List<Guid> readWriteGroupIDs = new List<Guid>();
List<Guid> readOnlyGroupIDs = new List<Guid>();
List<Project> projectList = new List<Project>();
SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["RDB"].ConnectionString);
con.Open();
SqlCommand command = new SqlCommand("SELECT * FROM MSP_EpmResource where ResourceNTAccount = @username", con);
command.Parameters.AddWithValue("@username", this.User.Identity.Name);
SqlDataReader reader = command.ExecuteReader();
if (reader.Read())
string resourceID = reader["ResourceUID"].ToString();
//Get a list of security groups
SvcSecurity.SecurityGroupsDataSet sgds = security.ReadGroupList();
//Get the IDs of the required groups
foreach (SvcSecurity.SecurityGroupsDataSet.SecurityGroupsRow ds in sgds.SecurityGroups)
if (adminGroups.Exists(group => ds.WSEC_GRP_NAME == group))
adminGroupIDs.Add(ds.WSEC_GRP_UID);
else if (readWriteGroups.Exists(group => ds.WSEC_GRP_NAME == group))
readWriteGroupIDs.Add(ds.WSEC_GRP_UID);
else if (readOnlyGroups.Exists(group => ds.WSEC_GRP_NAME == group))
readOnlyGroupIDs.Add(ds.WSEC_GRP_UID);
bool isAdmin = false;
//Go through each group using the id and check if the current
//user is in that group (for example here check if the user is an admin)
foreach (Guid id in adminGroupIDs)
SecurityGroupsDataSet group = security.ReadGroup(id);
foreach (SvcSecurity.SecurityGroupsDataSet.GroupMembersRow member in group.GroupMembers)
if (member.RES_UID.ToString().Equals(resourceID))
isAdmin = true;
Session["createReport"] = "true";
break;
//If the user is not an admin then continue checking who they are
if (!isAdmin)
bool readWrite = false;
//Check if the user is a read write group member
foreach (Guid id in readWriteGroupIDs)
SecurityGroupsDataSet group = security.ReadGroup(id);
foreach (SvcSecurity.SecurityGroupsDataSet.GroupMembersRow member in group.GroupMembers)
if (member.RES_UID.ToString().Equals(resourceID))
Session["createReport"] = "true";
readWrite = true;
break;
//If the user is not a read write group member either then check if they are a team member
if (!readWrite)
foreach (Guid id in readOnlyGroupIDs)
SecurityGroupsDataSet group = security.ReadGroup(id);
foreach (SvcSecurity.SecurityGroupsDataSet.GroupMembersRow member in group.GroupMembers)
if (member.RES_UID.ToString().Equals(resourceID))
Session["createReport"] = "false";
break;
Cheers! :) -
Check drop down value with the sharePoint Group User In sharepoint 2010
Hi,
We have one requirement, When user selects any value from the Drop down we need to compare that value to the SharePoint Group.
If that User is there in the group then only user allow to add new item to the list otherwise we need to display message(i.e. U r not a correct person).
We used below code:
public static bool IsUserMemberOfGroup(SPUser user, string grpname)
bool result = false;
if (!String.IsNullOrEmpty(grpname) && user != null)
foreach (SPGroup group in user.Groups)
if (group.Name == grpname)
// found it
result = true;
break;
return result;
IsUserMemberOfGroup(ddlusers.selected value,"GrpName")
But it's showing error.With regards to the error message: I'm assuming you are not using SPUser objects within the dropdown and that the first parameter you are passing is missing the . (period) between selected and value is just a typo.
IsUserMemberOfGroup(ddlusers.selected value,"GrpName")
Assuming that, it may be because (for the first parameter of IsUserMemberOfGroup) you are trying to pass in a string value (ddlusers.selected.value) when it is expecting an SPUser object.
Two options (both requiring you to convert string to SPUser) are:
1. Before you call the function convert the string to an SPUser object then pass in the SPUser
2. Modify the first parameter of the function to be a string and do the conversion within the function (probably what I would do as more reusable).
To convert to an SPUser it depends on what is listed within the drop down.
If it is usernames then you can do something like: SPUser user
= SPContext.Current.Web.EnsureUser(ddlusers.selected.value);
If it is something else (not usernames) then you would need to workout how to convert to SPUser.
A bit confused on what you are trying to achieve here - what if I select another user in the list that isn't me? Can I then add something to the list?
Maybe you are looking for
-
How to determine the right PR Release strategy
Hi Experts, Could u help me to solve this problem! As our business, we want the system automatically determine the right Release Strategy based on the total Amount(amt) of PR such as - if PR total amt <= 1000 USD --> must checked by only Department
-
Hi All, In MD04 output for a material, i see an exception message 26 & in the MRP element column i see Projct. I would like to know what is this exception message & what might be the reason i am seeing it? For this material i see a order reservation
-
Hi, I know this has been asked previously and I have gone thorugh the posts day after day trying to figure them but am having no luck at all. Would appreciate someone in the know looking at my code and pointing me in the right direction.. I have an a
-
Disable eefects in after effects cs6
who can enable effects in after effects cs6?all are disable!
-
IN Adobe X1 how to I get to CROP TOOL please
In Adobe X1 how to I get to CROP TOOL please