Log In
[Expand]General Information
[Expand]WinForms Controls
[Expand]ASP.NET Controls and MVC Extensions
[Expand]ASP.NET Bootstrap Controls
[Expand]ASP.NET Core Bootstrap Controls
[Expand]WPF Controls
[Expand]Xamarin Controls
[Expand]Windows 10 App Controls
[Expand]Office File API
[Expand]Report and Dashboard Server
[Collapse]eXpressApp Framework
 [Expand]Getting Started
 [Expand]Design-Time Features
 [Collapse]Task-Based Help
  [Expand]Business Model Design
  [Expand]Application Model
  [Expand]List Editors
  [Expand]Property Editors
  [Expand]Scheduler and Notifications
    How to: Assign the Same Permissions for All Users of an Active Directory Group
    How to: Call Direct SQL Queries in Integrated Mode or through the Middle Tier Application Server
    How to: Connect to the WCF Application Server from Non-XAF Applications
    How to: Enable Logging in the Application Server
    How to: Get the Current User in Code
    How to: Hide the 'Protected Content' Columns in a List View and Property Editors in a Detail View
    How to: Implement a Custom Security Operation that Can be Permitted at the Type Level
    How to: Implement a Custom Security System User Based on an Existing Business Class
    How to: Implement Custom Security Objects (Users, Roles, Operation Permissions)
    How to: Manually Configure Permissions for Associated Collections and Reference Properties
    How to: Use Custom Logon Parameters and Authentication
    How to: Use the Integrated Mode of the Security System in Non-XAF Applications
    How to: Change the Client-Side Security Mode from UI Level to Integrated in XPO applications
  [Expand]Miscellaneous UI Customizations
  Frequently Asked Questions (FAQ)
 [Expand]API Reference
[Expand]CodeRush Classic
[Expand]Cross-Platform Core Libraries
[Expand]Tools and Utilities
 End-User Documentation
This documentation page describes implementations made in our v17.2 release cycle. To learn about functionality shipping with v18.1, navigate to our updated help file experience at docs.devexpress.com. Learn More

How to: Assign the Same Permissions for All Users of an Active Directory Group

The AuthenticationActiveDirectory authentication type does not support Active Directory Security Groups out of the box. This topic demonstrates how to map XAF security roles to AD groups. When a user logs on for the first time, existing roles with names matching the user's AD group names are automatically assigned. If the user membership in AD groups was modified, the associated roles collection will be updated accordingly on the next logon.


The approach described in this topic is not supported by the Mobile platform.

  • In the module project, reference the System.DirectoryServices.AccountManagement.dll assembly, which provides the UserPrincipal class.

  • Inherit AuthenticationActiveDirectory and override the AuthenticationActiveDirectory.Authenticate method:

  • Rebuild the solution.

  • Run the Application Designer and replace the AuthenticationActiveDirectory component with the CustomAuthenticationActiveDirectory component from the toolbox (as it is demonstrated in the Pass the Custom Classes to the Security System section of the How to: Use Custom Logon Parameters and Authentication topic).

Is this topic helpful?​​​​​​​