Programmatically Adding LDAP groups to MOSS groups

Posted: November 20, 2007 in MOSS 2007

 

I have seen a few postings on importing users or AD groups into a MOSS security group. For the most part, adding LDAP groups is very similar to adding AD groups; however, there are a couple of little special things that can make it interesting and cost you a little time. Rather than annoy you with a lot of chatter, I have included functional code below to help you out. One critical thing: the groups MUST be prefixed with the LDAP provider name. This is the equivalent of the AD domain, so when you get over the annoyance and stop to think about it, it makes sense.
So let’s say your LDAP provider name is “ACMELDAP” and your group name in the LDAP system is ACME_Managers. You would enter “acmeldap:ACME_Managers” as the LDAPFullRoleName. LDAPRoleName is the field for the friendly name. Anyway, I hope this helps someone out there. Shoot me a comment/question if you come across a better way to do any of this.

 

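/// <summary>
/// Adds an LDAP role (group) as a member of an existing SharePoint site group,
/// creating the SharePoint principal for the role first if the site does not know it yet.
/// </summary>
/// <param name="sharePointSiteURL">URL handed to the <c>SPSite</c> constructor; the web opened from it supplies the site groups.</param>
/// <param name="LDAPFullRoleName">Login name of the role, prefixed with the LDAP provider name (e.g. "acmeldap:ACME_Managers").</param>
/// <param name="LDAPRoleName">Friendly display name used when the principal has to be created.</param>
/// <param name="MOSSGroupName">Name of the SharePoint group to add the role to; compared case-insensitively.</param>
/// <returns>
/// <c>true</c> when the role was added to at least one matching group; <c>false</c> when the
/// principal could not be resolved, no group matched, or an exception was logged.
/// </returns>
/// <remarks>
/// This call changes group membership, i.e. it grants whatever permissions the target group carries.
/// NOTE(review): no authorization check is visible in this method; it presumably runs from trusted
/// admin tooling under the caller's identity - confirm before exposing it to untrusted input.
/// </remarks>
public bool AddLDAPRoleToMossGroup(string sharePointSiteURL, string LDAPFullRoleName, string LDAPRoleName, string MOSSGroupName)
{
    try
    {
        // SPSite and SPWeb hold unmanaged resources; the using blocks release them on every
        // path, including when an exception is thrown while adding the user.
        using (SPSite stationWorkspace = new SPSite(sharePointSiteURL))
        using (SPWeb stationWorkspaceWeb = stationWorkspace.OpenWeb())
        {
            // Look the role up first; only create the principal when the site has no entry for it.
            SPUser spUser = GetSPUser(LDAPFullRoleName, LDAPRoleName, sharePointSiteURL);
            if (spUser == null)
            {
                spUser = CreateUser(LDAPFullRoleName, "", LDAPRoleName, "Added by SharePoint utilities", sharePointSiteURL);
            }

            // CreateUser logs its own failure and returns null; stop here instead of
            // passing a null principal to AddUser.
            if (spUser == null)
            {
                CommonFunctions.WriteToLogFile(APPNAME, "AdminFunctions:AddLDAPRoleToMossGroup – sharePointSiteURL: " + sharePointSiteURL + " LDAPRoleName: " + LDAPRoleName + " MOSSGroupName: " + MOSSGroupName + " Error: LDAP role could not be found or created");
                return false;
            }

            bool groupFound = false;
            foreach (SPGroup curGroup in stationWorkspaceWeb.SiteGroups)
            {
                // Ordinal, case-insensitive match: culture-sensitive ToUpper() can mis-compare
                // names under some locales, and this also tolerates a null MOSSGroupName.
                if (string.Equals(curGroup.Name, MOSSGroupName, StringComparison.OrdinalIgnoreCase))
                {
                    //Add and update group with new user
                    curGroup.AddUser(spUser);
                    curGroup.Update();
                    groupFound = true;
                }
            }

            if (!groupFound)
            {
                // Reporting success when nothing was changed would hide a mistyped group name.
                CommonFunctions.WriteToLogFile(APPNAME, "AdminFunctions:AddLDAPRoleToMossGroup – sharePointSiteURL: " + sharePointSiteURL + " LDAPRoleName: " + LDAPRoleName + " MOSSGroupName: " + MOSSGroupName + " Error: no matching SharePoint group found");
            }

            return groupFound;
        }
    }
    catch (Exception ex)
    {
        CommonFunctions.WriteToLogFile(APPNAME, "AdminFunctions:AddLDAPRoleToMossGroup – sharePointSiteURL: " + sharePointSiteURL + " LDAPRoleName: " + LDAPRoleName + " MOSSGroupName: " + MOSSGroupName + " Error:" + ex.ToString());
        return false;
    }
}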

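/// <summary>
/// Looks up an existing SharePoint principal by its full (provider-prefixed) login name.
/// </summary>
/// <param name="LDAPFullRoleName">Key used to index <c>SPWeb.AllUsers</c>, e.g. "acmeldap:ACME_Managers".</param>
/// <param name="strLoginName">Not used by the lookup; kept so existing callers compile unchanged.</param>
/// <param name="strSiteURL">URL handed to the <c>SPSite</c> constructor.</param>
/// <returns>The matching <c>SPUser</c>, or <c>null</c> when the lookup throws (the exception is logged).</returns>
/// <remarks>
/// NOTE(review): the <c>AllUsers</c> indexer presumably throws when the principal is unknown, so a
/// plain "not found" is also written to the log as an error - confirm against the SharePoint API.
/// NOTE(review): the returned object is handed out after its SPWeb has been released - confirm that
/// callers only use it in ways that do not need the originating web.
/// </remarks>
private SPUser GetSPUser(string LDAPFullRoleName, string strLoginName, string strSiteURL)
{
    try
    {
        // using releases the site and web on every path. The previous finally block called
        // Close() on references that are still null when the SPSite constructor or OpenWeb()
        // throws, which replaced the logged error with a NullReferenceException.
        using (SPSite spSite = new SPSite(strSiteURL))
        using (SPWeb spWeb = spSite.OpenWeb())
        {
            //Check to see if user exists
            return spWeb.AllUsers[LDAPFullRoleName];
        }
    }
    catch (Exception ex)
    {
        CommonFunctions.WriteToLogFile(APPNAME, "AdminFunctions:GetSPUser – Error: " + ex.ToString());
        return null;
    }
}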

 

        //Creates a new user

        private SPUser CreateUser(string strLoginName, string strEMail, string strName, string strNotes, string strSiteURL)

        {

            SPUser spReturn = null;

            SPSite spSite = null;

            SPWeb spWeb = null;

 

            try

            {

                //Open the SharePoint site

                spSite = new SPSite(strSiteURL);

                spWeb = spSite.OpenWeb();

 

                //Assign role and add user to site

 SPRoleAssignment spRoleAssignment = new SPRoleAssignment(strLoginName, strEMail, strName, strNotes);

 

                //Using Contribute, might need high access

                SPRoleDefinition spSPRoleDefinition = spWeb.RoleDefinitions["View Only"];

 

                spRoleAssignment.RoleDefinitionBindings.Add(spSPRoleDefinition);

                spWeb.RoleAssignments.Add(spRoleAssignment);

 

                //Update site

                spWeb.Update();

                spReturn = spWeb.AllUsers[strLoginName];

 

            }

            catch (Exception ex)

            {

 CommonFunctions.WriteToLogFile(APPNAME, "AdminFunctions:CreateUser – Error: " + ex.ToString());

                spReturn = null;

            }

            finally

            {

                spWeb.Close();

                spSite.Close();

            }

 

            return spReturn;

Comments
  1. read more says:

    This web site truly has all of the information and facts I wanted concerning this subject and didn’t know who to ask.
