Simple code snippets to get AD user information

Simple code snippets to get AD user information

I wrote a small AD snippet just the other day, to check which AD groups a specific AD user was member of.  I needed to check if a user was member of a specific AD group, to enable or disable some “super user” functions in the system management application.

Note that it uses web.wintypes.adstypes which may only be available in XE5 and upwards?

10 thoughts on “Simple code snippets to get AD user information

  1. currently I try to use ‘tokenGroups’, have such code:

    function GetObject(const Name: string): IDispatch;


      BindCtx: IBindCtx;

      Moniker: IMoniker;

      Eaten: Integer;

      Dispatch: IDispatch;


      Result := nil;

      BindCtx := nil;

      if CreateBindCtx(0, BindCtx) = S_OK then begin

        Moniker := nil;

        if MkParseDisplayName(BindCtx, PWideChar(WideString(Name)), Eaten, Moniker) = S_OK then begin

          Dispatch := nil;

          if Moniker.BindToObject(BindCtx, nil, IADs, Dispatch) = S_OK then

            Result := Dispatch;





      ADs: IADs;

      Groups: array of OleVariant;


      ADs := GetObject(‘LDAP://’ + sADUserName) as IADs;

      SetLength(Groups, 1);

      Groups[0] := ‘tokenGroups’;

      ADs.GetInfoEx(Groups, 0);

      Groups := ADs.Get(Groups[0]);

    now I have in Groups variable: array of array of bytes, this is SIDs in RAW bytes format,

    how to contert this array’s of bytes to SidStr or PSid for using with LookupAccountSid?

Leave a Reply