Recently we got a requirement to remove the users of a particular domain from a SharePoint web application. In addition, we also needed to check whether each user is still active in that domain's Active Directory.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;
using System.IO;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Administration;
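namespace CheckCurrentUserStatus
{
    /// <summary>
    /// Console tool that walks every site collection and web of one SharePoint web
    /// application and removes the users of a given domain whose Active Directory
    /// account is disabled or can no longer be found.
    /// </summary>
    /// <remarks>
    /// The tool has no dry-run or confirmation step: a user judged deletable is removed
    /// as soon as the scan of the current web finishes. Every decision is appended to
    /// <c>UsersStatus.txt</c> in the current working directory.
    /// NOTE(review): try it against a non-production web application first, and keep
    /// the status file as the record of what was removed.
    /// </remarks>
    class Program
    {
        // Relative path, so the file lands in whatever directory the tool is started from.
        private const string StatusLogFile = "UsersStatus.txt";

        /// <summary>
        /// Prompts for a site collection URL and a domain name, runs the clean-up and
        /// prints the start and end times.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        static void Main(string[] args)
        {
            Console.WriteLine("Started...");
            Console.WriteLine("Please enter any site collection URL to access Web Application and press enter");
            string siteURL = Console.ReadLine();
            Console.WriteLine("Please enter domain name and press enter.");
            string DomainName = Console.ReadLine();

            // Console.ReadLine() returns null at end of input; a blank domain or URL must
            // never reach the deletion loop, so stop before anything is touched.
            if (IsBlank(siteURL) || IsBlank(DomainName))
            {
                Console.WriteLine("Site URL and domain name are both required. Nothing was changed.");
                Console.Read();
                return;
            }

            siteURL = siteURL.Trim();
            DomainName = DomainName.Trim();

            string StartedTime = DateTime.Now.ToString();
            Console.WriteLine("Started For... Site URL " + siteURL + " and Doamin Name " + DomainName);
            GetAllUsersFormADomain(siteURL, DomainName);
            Console.WriteLine("Stared Executing at : " + StartedTime);
            Console.WriteLine("Complted Executing at : " + System.DateTime.Now.ToString());
            Console.Read();
        }

        /// <summary>Returns true when <paramref name="value"/> is null, empty or only whitespace.</summary>
        private static bool IsBlank(string value)
        {
            return value == null || value.Trim().Length == 0;
        }

        /// <summary>Appends one line, terminated with CRLF, to the status file.</summary>
        private static void WriteStatus(string line)
        {
            File.AppendAllText(StatusLogFile, line + "\r\n");
        }

        /// <summary>
        /// Opens a directory context for <paramref name="strDomain"/> and reports whether
        /// the account may be removed from SharePoint.
        /// </summary>
        /// <param name="strDomain">Domain name used to create the <see cref="PrincipalContext"/>.</param>
        /// <param name="strUserName">Login name to look up, as stored in SharePoint.</param>
        /// <returns>True when the account is disabled or was not found; otherwise false.</returns>
        private static bool DoesUserExistsDisabledAndDeletable(string strDomain, string strUserName)
        {
            // An unreachable domain makes this throw rather than return, so a directory
            // outage stops the run instead of being read as "account not found".
            using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, strDomain))
            {
                return ForEachUserNameCheckExistsAndDisabled(strDomain, strUserName, pc);
            }
        }

        /// <summary>
        /// Looks the account up in the given context, logs its state to the console and to
        /// the status file, and decides whether it may be removed.
        /// </summary>
        /// <param name="strDomain">Domain name; used only in the log lines.</param>
        /// <param name="strUserName">Identity passed to <see cref="UserPrincipal.FindByIdentity(PrincipalContext, string)"/>.</param>
        /// <param name="pc">Open directory context to search.</param>
        /// <returns>
        /// True when the account is disabled or not found. False when it is enabled, or when
        /// the directory does not report an enabled state at all.
        /// </returns>
        private static bool ForEachUserNameCheckExistsAndDisabled(string strDomain, string strUserName, PrincipalContext pc)
        {
            string prefix = strDomain + " " + strUserName + " ";

            // UserPrincipal is disposable; a null result is legal inside a using statement.
            using (UserPrincipal up = UserPrincipal.FindByIdentity(pc, strUserName))
            {
                if (up == null)
                {
                    // NOTE(review): "not found" is treated as "deleted in AD". If the account
                    // running the tool cannot read the user objects, the lookup may come back
                    // empty for live accounts as well - confirm its directory permissions.
                    Console.WriteLine(prefix + "Account does not exists...!!!");
                    WriteStatus(prefix + "Account does not exists...!!! Deleted from SharePoint.");
                    return true;
                }

                // Enabled is a nullable bool; casting a null value would throw. An unknown
                // state is kept (not deletable) so that uncertainty never causes a removal.
                bool? enabledState = up.Enabled;
                if (!enabledState.HasValue)
                {
                    Console.WriteLine(prefix + "Account status unknown...!!!");
                    WriteStatus(prefix + "Account status unknown...!!! Can not be Deleted.");
                    return false;
                }

                if (enabledState.Value)
                {
                    Console.WriteLine(prefix + "Account Enabled...!!!");
                    WriteStatus(prefix + "Account Enabled...!!! Can not be Deleted.");
                    return false;
                }

                // This line is written when the decision is taken; the removal itself
                // happens later in the caller and is logged there once it has succeeded.
                Console.WriteLine(prefix + "Account is Disabled...!!!");
                WriteStatus(prefix + "Account is Disabled...!!! Deleted from SharePoint");
                return true;
            }
        }

        /// <summary>
        /// Opens the site collection at <paramref name="siteURL"/> and runs the clean-up over
        /// the web application it belongs to.
        /// </summary>
        /// <param name="siteURL">URL of any site collection in the target web application.</param>
        /// <param name="DomainName">Domain whose users are checked.</param>
        private static void GetAllUsersFormADomain(string siteURL, string DomainName)
        {
            // NOTE(review): in a console application this call is believed not to elevate
            // anything beyond the identity of the process itself, so the account starting
            // the tool needs the rights to enumerate and modify every site - confirm.
            SPSecurity.RunWithElevatedPrivileges(delegate()
            {
                using (SPSite objSPSite = new SPSite(siteURL))
                {
                    DeleteUsers(objSPSite, DomainName);
                }
            });
        }

        /// <summary>
        /// Visits every web of every site collection in the web application that owns
        /// <paramref name="objSPSite"/> and removes the deletable users of the domain.
        /// </summary>
        /// <param name="objSPSite">Site collection used to reach the web application.</param>
        /// <param name="DomainName">Domain whose users are checked.</param>
        private static void DeleteUsers(SPSite objSPSite, string DomainName)
        {
            SPWebApplication objSPWebApp = objSPSite.WebApplication;

            foreach (SPSite siteCollection in objSPWebApp.Sites)
            {
                try
                {
                    foreach (SPWeb web in siteCollection.AllWebs)
                    {
                        try
                        {
                            RemoveDeletableUsers(web, DomainName);
                        }
                        finally
                        {
                            // Objects handed out by AllWebs are owned by the caller.
                            web.Dispose();
                        }
                    }
                }
                finally
                {
                    // Objects handed out by Sites are owned by the caller.
                    siteCollection.Dispose();
                }
            }
        }

        /// <summary>
        /// Checks every user of one web against Active Directory and removes those that
        /// belong to <paramref name="DomainName"/> and are judged deletable.
        /// </summary>
        /// <param name="web">Web whose users are scanned.</param>
        /// <param name="DomainName">Domain whose users are checked.</param>
        private static void RemoveDeletableUsers(SPWeb web, string DomainName)
        {
            string domainForLookup = DomainName.ToLowerInvariant();

            // Decide first, delete afterwards: removing users while the user collection is
            // still being enumerated changes the collection under the iterator.
            List<string> loginsToRemove = new List<string>();

            foreach (SPUser user in web.AllUsers)
            {
                string loginName = user.LoginName;
                if (loginName == null)
                {
                    continue;
                }

                // Expect DOMAIN\user. A login without a backslash has no domain part and is
                // skipped instead of indexing past the end of the split result.
                string[] domainAndUser = loginName.Split('\\');
                if (domainAndUser.Length < 2)
                {
                    continue;
                }

                // Ordinal comparison: domain names are identifiers, not culture-sensitive text.
                // NOTE(review): a login that carries a claims prefix before the domain would
                // not match here - confirm the authentication mode of the web application.
                if (!string.Equals(domainAndUser[0], DomainName, StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }

                if (DoesUserExistsDisabledAndDeletable(domainForLookup, loginName))
                {
                    loginsToRemove.Add(loginName);
                }
            }

            foreach (string loginName in loginsToRemove)
            {
                web.SiteUsers.Remove(loginName);
                // Written only after Remove returned, so the file shows which removals
                // actually completed and through which web.
                WriteStatus(domainForLookup + " " + loginName + " Removed from site users via " + web.Url);
            }
        }
    }
}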