How to remove domain user from Administrators group using C#?


I have written the code, which works fine when I try to remove a user.

try
{
    Console.WriteLine("user name is " + args[0]);
    using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
    {
        UserPrincipal user = UserPrincipal.FindByIdentity(ctx, args[0]);
        GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, "Administrators");

        if (user != null && group != null)
        {
            try
            {

                if (group.Members.Remove(user))
                {
                    Console.WriteLine("User successfully removed from Local Administrators.");
                }
                else
                {
                    Console.WriteLine("User is not a Local Administrator.");
                }
            }
            catch
            {
                Console.WriteLine("User is not a Local Administrator.");
            }
        }
        else
        {
            Console.WriteLine("User was not found.");

        }
    }
}
catch (Exception e)
{
    Console.WriteLine(e.ToString());
}

But it prints user not found when I try for a domain account.

T1/test1 is a domain account.

If I create a user and make it an administrator, I am able to remove it.


1 answer

tuyau2poil On

I think you have to change your context depending on the type of user (local or domain). I cannot test this code because I am not connected to a domain, but I hope it helps you:

try
{
    Console.WriteLine("user name is " + args[0]);
    using (PrincipalContext domainctx = new PrincipalContext(ContextType.Domain))
    {
        using (PrincipalContext localctx = new PrincipalContext(ContextType.Machine))
        {
            UserPrincipal user;
            //local account ?
            user = UserPrincipal.FindByIdentity(localctx, args[0]);
            //or domain account ?
            if(user == null) user = UserPrincipal.FindByIdentity(domainctx, args[0]);   
            
            GroupPrincipal group = GroupPrincipal.FindByIdentity(localctx, "Administrators");
            
            if (user != null && group != null)
            {
                try
                {
                    if (group.Members.Remove(user))
                    {
                        // Membership edits are pending until Save() commits them to the store.
                        group.Save();
                        Console.WriteLine("User successfully removed from Local Administrators.");
                    }
                    else
                    {
                        Console.WriteLine("User is not a Local Administrator.");
                    }
                }
                catch
                {
                    Console.WriteLine("User is not a Local Administrator.");
                }
            }
            else
            {
                Console.WriteLine("User was not found.");
                
            }
        }
    }
}
catch (Exception e)
{
    Console.WriteLine(e.ToString());
}
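
The two-context approach from the answer, as an added example that is not the answerer's code and has not been run against a domain. It assumes the account is passed as `DOMAIN\user` (or a bare name for a local account) and that the process runs elevated; the class name `RemoveLocalAdmin` and the exit codes are hypothetical. It binds the local group by its well-known SID instead of its localized name, and reports a missing account, a non-member and an access failure separately so one cannot be mistaken for another.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

static class RemoveLocalAdmin
{
    // Well-known SID of BUILTIN\Administrators; the display name is localized, the SID is not.
    const string LocalAdminsSid = "S-1-5-32-544";

    static int Main(string[] args)
    {
        if (args.Length != 1) { Console.Error.WriteLine(@"usage: RemoveLocalAdmin DOMAIN\user"); return 2; }

        // "DOMAIN\user" selects the domain store; a bare name or "MACHINE\user" is a local account.
        string[] parts = args[0].Split(new[] { '\\' }, 2);
        string sam = parts[parts.Length - 1];
        bool isDomain = parts.Length == 2 &&
            !parts[0].Equals(Environment.MachineName, StringComparison.OrdinalIgnoreCase);
        try
        {
            // The group always lives in the machine store; only the user lookup changes store.
            using (var machineCtx = new PrincipalContext(ContextType.Machine))
            using (var userCtx = isDomain ? new PrincipalContext(ContextType.Domain, parts[0])
                                          : new PrincipalContext(ContextType.Machine))
            using (var group = GroupPrincipal.FindByIdentity(machineCtx, IdentityType.Sid, LocalAdminsSid))
            using (var user = UserPrincipal.FindByIdentity(userCtx, IdentityType.SamAccountName, sam))
            {
                if (group == null) { Console.Error.WriteLine("Local Administrators group not found."); return 3; }
                if (user == null) { Console.Error.WriteLine("Account not found: " + args[0]); return 4; }

                // Remove() only covers direct membership, not rights inherited through a nested group.
                if (!group.Members.Remove(user))
                {
                    Console.WriteLine(args[0] + " is not a direct member of local Administrators.");
                    return 1;
                }
                group.Save(); // commit the pending removal
                Console.WriteLine("Removed " + args[0] + " from local Administrators.");
                return 0;
            }
        }
        catch (UnauthorizedAccessException)
        {
            Console.Error.WriteLine("Access denied: run from an elevated process.");
            return 5;
        }
        catch (PrincipalException e) { Console.Error.WriteLine("Directory error: " + e.Message); return 6; }
    }
}
```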