4.1.2 Example of GetADGroupMember
In this section, there is an example of a GetADGroupMember request and a GetADGroupMember response. In this example, Group1 contains User1 and Group2 as members. Group2 contains User2 as a member. The request sets the GetADGroupMemberRequest/Recursive element to true to indicate that recursive group membership is being requested.
GetADGroupMember SOAP request
<soapenv:Envelope
xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing">
<soapenv:Header>
<wsa:Action soapenv:mustUnderstand="1">http://schemas.microsoft.com/2008/1/ActiveDirectory/CustomActions/AccountManagement/GetADGroupMember</wsa:Action>
<ca:Server
xmlns:ca="http://schemas.microsoft.com/2008/1/ActiveDirectory/CustomActions"
xmlns="http://schemas.microsoft.com/2008/1/ActiveDirectory/CustomActions">ldap:389</ca:Server>
<wsa:MessageID>urn:uuid:3f761fc3-4cff-48a8-8670-873ee7363e6a</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To soapenv:mustUnderstand="1">net.tcp://server01.fabrikam.com:9389/ActiveDirectoryWebServices/Windows/AccountManagement</wsa:To>
</soapenv:Header>
<soapenv:Body
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<GetADGroupMemberRequest xmlns="http://schemas.microsoft.com/2008/1/ActiveDirectory/CustomActions">
<GroupDN>CN=Group1,CN=Users,DC=fabrikam,DC=com</GroupDN>
<PartitionDN>DC=fabrikam,DC=com</PartitionDN>
<Recursive>true</Recursive>
</GetADGroupMemberRequest>
</soapenv:Body>
</soapenv:Envelope>
GetADGroupMember SOAP response
<soapenv:Envelope
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
<soapenv:Header>
<wsa:Action soapenv:mustUnderstand="1">http://schemas.microsoft.com/2008/1/ActiveDirectory/CustomActions/AccountManagement/GetADGroupMemberResponse</wsa:Action>
<wsa:RelatesTo>urn:uuid:3f761fc3-4cff-48a8-8670-873ee7363e6a</wsa:RelatesTo>
<wsa:To soapenv:mustUnderstand="1">http://www.w3.org/2005/08/addressing/anonymous</wsa:To>
</soapenv:Header>
<soapenv:Body>
<GetADGroupMemberResponse xmlns="http://schemas.microsoft.com/2008/1/ActiveDirectory/CustomActions">
<Members xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ActiveDirectoryPrincipal>
<DistinguishedName>CN=User1,CN=Users,DC=fabrikam,DC=com</DistinguishedName>
<Name>User1</Name>
<ObjectClass>user</ObjectClass>
<ObjectGuid>959ef0cb-78ab-4f79-8f65-044ab059eda8</ObjectGuid>
<ObjectTypes xmlns:sera="http://schemas.microsoft.com/2003/10/Serialization/Arrays">
<sera:string>top</sera:string>
<sera:string>person</sera:string>
<sera:string>organizationalPerson</sera:string>
<sera:string>user</sera:string>
</ObjectTypes>
<ReferenceServer>fabrikam.com</ReferenceServer>
<SID>AQUAAAAAAAUVAAAAfoPolY9ew2y2Bh7y9AEAAA==</SID>
<SamAccountName>User1</SamAccountName>
</ActiveDirectoryPrincipal>
<ActiveDirectoryPrincipal>
<DistinguishedName>CN=User2,CN=Users,DC=fabrikam,DC=com</DistinguishedName>
<Name>User2</Name>
<ObjectClass>user</ObjectClass>
<ObjectGuid>ccb22c0e-91f3-4fb5-b790-fef0523de6f5</ObjectGuid>
<ObjectTypes xmlns:sera="http://schemas.microsoft.com/2003/10/Serialization/Arrays">
<sera:string>top</sera:string>
<sera:string>person</sera:string>
<sera:string>organizationalPerson</sera:string>
<sera:string>user</sera:string>
</ObjectTypes>
<ReferenceServer>fabrikam.com</ReferenceServer>
<SID>AQIAAAAAAAUgAAAAIQIAAA==</SID>
<SamAccountName>User2</SamAccountName>
</ActiveDirectoryPrincipal>
</Members>
</GetADGroupMemberResponse>
</soapenv:Body>
</soapenv:Envelope>
