Clicky

I have an MS Access front end with a SQL 2005 back end. We use windows authentication to control privileges to the SQL database. In order to be pro active regarding security in the application, I need to know which active directory groups that a user belongs to. For example, if user belongs to AppReadOnly, I want the application to disable the new & edit record buttons to prevent data modification instead of reacting to a SQL error denying permission to change data.

asked 11/15/2011 08:43

FrankZwolinski's gravatar image

FrankZwolinski ♦♦


5 Answers:
Maybe this thread below get you closer to achieve your goal:
http://support.microsoft.com/kb/187529

Hope this helps,
Daniel
link

answered

danishani's gravatar image

danishani

Here is the code the enumerates all the groups a user belongs to.
The only issue I have left is validating the LDAP record with a windows log in name versus the CN (common name).  The CN is set to Frank Zwolinski and not my log in name frankzwolinski..

Const E_ADS_PROPERTY_NOT_FOUND = &H8000500D
Dim Group

'get the domain information first.
Set objRootDSE = GetObject("LDAP://rootDSE")
strdomain = objRootDSE.Get("defaultNamingContext")


Set OBJUSER = GetObject("LDAP://" & strdomain & ",CN=Frank Zwolinski")

Set objRootDSE = GetObject("LDAP://rootDSE")
strdomain = objRootDSE.Get("defaultNamingContext")
strADPath = "LDAP://" & strdomain
 
 
intPrimaryGroupID = OBJUSER.Get("primaryGroupID")
arrMemberOf = OBJUSER.GetEx("memberOf")

If Err.Number = E_ADS_PROPERTY_NOT_FOUND Then
    Debug.Print "The memberOf attribute is not set."
Else
    Debug.Print "Member of: "
    For Each Group In arrMemberOf
        Debug.Print Group
    Next
End If
link

answered 2011-11-15 at 17:21:15

FrankZwolinski's gravatar image

FrankZwolinski

I've requested that this question be deleted for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

link

answered 2011-11-19 at 14:41:28

mlmcc's gravatar image

mlmcc

I posted a complete solution, but failed  to click "Accept as Solution"
The code can save many hours of research for others since I needed to take snippets from different sites to get the complete answer.
link

answered 2011-12-13 at 10:18:18

FrankZwolinski's gravatar image

FrankZwolinski

This works for Access and VB. It works as expected and is used in a production environment.

link

answered 2011-12-13 at 12:36:19

FrankZwolinski's gravatar image

FrankZwolinski

Your answer
[hide preview]

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Tags:

×60
×13
×18

Asked: 11/15/2011 08:43

Seen: 299 times

Last updated: 12/17/2011 05:20