SPUser.Groups and AD
https://sharepoint.stackexchange.com/questions/135014
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianВопрос
I have a set up like so:
USER is in an AD Group, the AD Group is in turn in a SharePoint Group.
When I call SPUser.Groups on the USER, the SharePoint Group is not returned.
Is this just how it works? Do I have to/can I do some work around like loop through all site groups and check if the user is in the relevant groups?
Решение
Yes this is annoying but how it works. SharePoint doesn't enumerate AD groups so If you have to control behaviour by Sharepoint groups then you will need to use SharePoint users in the SharePoint group.
Alternatively write some code to check the membership of SharePoint groups and if you find that a user is a domain group then go out to Ad to check its membership. One problem that I had was matching login for Sharepoint and login in AD as the Sharepoint user had the claim provider identifier at the start of login name. You can convert this using the SPClaimsManagerProvider.
Here is an example http://www.madhur.co.in/blog/2014/01/29/convert-claim-based-login-name.html
