To use only SPUser objects isn’t always sufficient. To get other properties we have to retrieve user profiles. Giles Hamson gives an example how to get and how to update user profile properties with powershell. Here is an example how to get all work phones: $url = "http://intranet/" $site = Get-SPSite $url $context = Get-SPServiceContext $site $profileManager = New-Object Microsoft.Office.Server.UserProfiles.UserProfileManager($context) $profiles = $profileManager.GetEnumerator() while ($profiles.MoveNext()) { $userProfile = $profiles.Current $name = $userProfile.

To get the distinguished name for a user, it isn’t enough to get an SPUser object. The distinguished name is the unique string for identifying a user in Active Directory (eg. CN=BeforeDAfter,OU=Test,DC=North America,DC=Fabrikam,DC=COM) Even using UserProfile object is not that clear. The distinguished name can be found in a property which can be retrieved with brackets: up[PropertyConstants.DistinguishedName] public static string GetDistinguishedName(string login) { var dn = ""; UserProfile up; using (var site = new SPSite("http://dev")) { var serviceContext = SPServiceContext.

Today I have struggled with User Profile Service Application. I should have followed this awesome tutorial by ShareponitGeorge. And many thanks to my friend David for the great assistance! One important thing to beware about: Forefront Identity Manager Service must be running. Otherwise you don’t see the existing synchronization connections and you can’t add new connections. You can ensure that this service is running by running services.msc (just press Windows button and write services).

Use LINQ to check if user is in a group. Create an extension method. public static bool InGroup(this SPUser user, SPGroup group) { return user.Groups.Cast<SPGroup>() .Any(g => g.ID == group.ID); } ```EDIT 2011-01-22: There is a shortcoming of this method. You won't get a user which is in group through a AD group. You'll get only users and ad groups. [But there is another method to check if a user is inside an AD group](/2012/01/16/check-if-a-user-is-in-a-ou/ "See my post about how to retrieve users from AD groups with PrincipalSearcher").