System.DirectoryServices GroupPrincipal.GetMembers always returns null for EmailAddress of last element.

[merlinschumacher]

Description

The method System.DirectoryServices GroupPrincipal.GetMembers should return a list of group members of a given GroupPrincipal. Each element contains multiple attributes of the returned UserPrincipals. The results also contain e-mail addresses. But the EmailAddress property of the last element is always empty, regardless of which AD entry it is.

Reproduction Steps

using System.DirectoryServices.AccountManagement;

var server = "YOUR-AD-SERVER:3268";
var searchBase = "DC=example,DC=com";
var group = @"example-com\UserGroup";

var context = new PrincipalContext(ContextType.Domain, server, searchBase);

GroupPrincipal gPrincipal = GroupPrincipal.FindByIdentity(context, IdentityType.SamAccountName, group);

PrincipalSearchResult<Principal> groupMembers = gPrincipal.GetMembers(false);

UserPrincipal lastUser = (UserPrincipal)groupMembers.Last();

// Will show no mail address
Console.WriteLine($"Last user is {lastUser.SamAccountName} with {lastUser.EmailAddress}");

var userPrincipal = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, groupMembers.Last().SamAccountName);

// Will show a mail address
Console.WriteLine($"Last user is {userPrincipal.SamAccountName} with {userPrincipal.EmailAddress}");

Expected behavior

The last entry should include the AD user's E-Mail address.

Actual behavior

The last entries EmailAddress property is always null.

Regression?

Unknown.

Known Workarounds

A workaround would be to get all group members one by one to retrieve the proper entries. Or just get the missing last one.

var userPrincipal = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, groupMembers.Last().SamAccountName);

Configuration

Affected .NET Platforms:. NET7, .NET 6, .NET Framework 4.7.2
OS: Windows 10, Windows Server 2016
Architecture: x64

Other information

No response

Tagging subscribers to this area: @dotnet/area-system-directoryservices, @jay98014
See info in area-owners.md if you want to be subscribed.

Issue Details

---

Description

The method System.DirectoryServices GroupPrincipal.GetMembers should return a list of group members of a given GroupPrincipal. Each element contains multiple attributes of the returned UserPrincipals. The results also contain e-mail addresses. But the EmailAddress property of the last element is always empty, regardless of which AD entry it is.

Reproduction Steps

using System.DirectoryServices.AccountManagement;

var server = "YOUR-AD-SERVER:3268";
var searchBase = "DC=example,DC=com";
var group = @"example-com\UserGroup";

var context = new PrincipalContext(ContextType.Domain, server, searchBase);

GroupPrincipal gPrincipal = GroupPrincipal.FindByIdentity(context, IdentityType.SamAccountName, group);

PrincipalSearchResult<Principal> groupMembers = gPrincipal.GetMembers(false);

UserPrincipal lastUser = (UserPrincipal)groupMembers.Last();

// Will show no mail address
Console.WriteLine($"Last user is {lastUser.SamAccountName} with {lastUser.EmailAddress}");

var userPrincipal = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, groupMembers.Last().SamAccountName);

// Will show a mail address
Console.WriteLine($"Last user is {userPrincipal.SamAccountName} with {userPrincipal.EmailAddress}");

Expected behavior

The last entry should include the AD user's E-Mail address.

Actual behavior

The last entries EmailAddress property is always null.

Regression?

Unknown.

Known Workarounds

A workaround would be to get all group members one by one to retrieve the proper entries.

var userPrincipal = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, groupMembers.Last().SamAccountName);

Configuration

Affected .NET Platforms: .NET 6, .NET Framework 4.7.2
OS: Windows 10, Windows Server 2016
Architecture: x64

Other information

No response

Author:	merlinschumacher
Assignees:	-
Labels:	area-System.DirectoryServices, untriaged
Milestone:	-

[buyaa-n]

@BRDPM @grubioe @jay98014 please take a look