I need to check whether a group given by name is a security group in AD using C# code. I notice there's a property named "groupType" in groups properties, but I don't know what this property is used for. I checked severa开发者_如何学编程l groups and find its value can be null, 8 or -2147483646. Is it associated with the security group type? I also find in the distinguishedName of the group, there can be "OU=Security Group" or "OU=Secuity Group with Mail Lists" blabla. Can it be a criteria to determine security group type? Thanks in advance.
From http://adsearch-winzero.blogspot.com/2006/04/object-group-attribute-grouptype.html
The groupType attribute returns the type of group. However the returned value is in RAW format. ... -2147483646 ~ Global Security Group -2147483644 ~ Local Security Group -2147483643 ~ BuiltIn Group -2147483640 ~ Universal Security Group 2 ~ Global Distribution Group 4 ~ Local Distribution Group 8 ~ Universal Distribution Group
You can use "Security Group" as a query condition. But it's not so trustful based on how your company set up it. It's better to have a OU entry for all security groups and use that entry directly.
With all due to respect to Matt, the better answer should come from Microsoft:
https://msdn.microsoft.com/en-us/library/ms675935(v=vs.85).aspx
The values are the same, but should still come from the creator. The * security group is derived from adding the security group value of -2147483648 to the * distribution group value.
https://blogs.technet.microsoft.com/heyscriptingguy/2004/12/21/how-can-i-tell-whether-a-group-is-a-security-group-or-a-distribution-group/
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论