When working programmatically with SharePoint you are likely to need to check membership of SharePoint Groups at some point. This article provides a simple route to retrieving user groups information via SharePoint’s web services.
The most obvious way to retrieve information about users in a SharePoint group is by using the methods exposed in the UserGroup.asmx SharePoint Web Service.
- In Visual Studio, create a new code project.
- Right click References in Solution Explorer and select Add Service Reference.
- Enter the URL for your SharePoint UserGroup web service in the Address box. The URL will normally be of the form: http://sharepointservername/_vti_bin/UserGroup.asmx.
- Enter a meaningful name (e.g. UserGroup) in the Namespace field and click OK.
Once the service reference has been added you may need to tweak the WCF configuration in the app.config file associated with your code project. If you have allowed anonymous access to SharePoint this won’t be necessary, but out-of-the-box SharePoint doesn’t allow anonymous access and you will have to configure the security settings for the WCF connection.
For the default Windows Authentication based set up, the security settings should be similar to:
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Ntlm" proxyCredentialType="None" realm ="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>Code language: HTML, XML (xml)Then, you can retrieve information about all users in a group via the following code fragment…
using (SPGroup.UserGroupSoapClient search = new SPGroup.UserGroupSoapClient())
{
reader.ClientCredentials.Windows.AllowedImpersonationLevel =
System.Security.Principal.TokenImpersonationLevel.Impersonation;
reader.ClientCredentials.Windows.ClientCredential =
System.Net.CredentialCache.DefaultNetworkCredentials;
XElement results = reader.GetUserCollectionFromGroup(groupName);
}Code language: C# (cs)The problem with the above approach is that, if you have defined Active Directory security groups or distribution groups as members of your SharePoint group, the method could error. A more complex alternative approach requires use of the SharePoint API to directly access a SharePoint website and retrieve the information using SPSite, SPUser, SPGroup, and SPUtilities.
List<string> users = new List<string>();
string siteUrl = "<your sharepoint url here>";
string groupName = "<your user-group name here>";
using (SPWeb webSite = new SPSite(siteUrl).OpenWeb())
{
SPGroup group = null;
if (webSite.SiteGroups != null && webSite.SiteGroups.Count > 0)
{
//Try searching in the site-specific groups first
foreach (SPGroup element in webSite.SiteGroups)
{
if (element.Name == groupName)
{
group = element;
break;
}
}
}
if (group == null && webSite.Groups != null && webSite.Groups.Count > 0)
{
//Fall back to global sites if a match hasn't been found yet
foreach (SPGroup element in webSite.Groups)
{
if (element.Name == groupName)
{
group = element;
break;
}
}
}
if (group != null && group.Users != null && group.Users.Count > 0)
{
foreach (SPUser user in group.Users)
{
if (user.IsDomainGroup)
{
users.AddRange(
this.ResolveUsersInGroups(webSite, user.LoginName));
}
else
{
users.Add(user.LoginName);
}
}
}
}
private List<string> ResolveUsersInGroups(SPWeb webSite, string groupName)
{
List<string> users = new List<string>();
bool maxedOut;
SPPrincipalInfo[] principals =
SPUtility.GetPrincipalsInGroup(webSite, groupName, 1000, out maxedOut);
if (principals != null && principals.Length > 0)
{
foreach (SPPrincipalInfo element in principals)
{
if (element.PrincipalType == SPPrincipalType.SecurityGroup ||
element.PrincipalType == SPPrincipalType.DistributionList)
{
names.AddRange(
this.ResolveUsersInGroups(webSite, element.LoginName));
}
else if (element.PrincipalType == SPPrincipalType.User)
{
names.Add(element.LoginName);
}
}
}
return names;
}Code language: C# (cs)