tgr01
asked on
Determining a user membership within nested groups
Hi everybody,
I got the following problem:
User "u" is member in group "g-a", group "g-a" is member in group "g-b", and group "g-b" is member in group "g-c".
Having a given user (the currently logged on user) I want to find out what groups this user belongs to (including membership thru nested groups).
In our example user "u" is member of "g-a", "g-b", "g-c".
(I think) I know how to use ADSI to do different things, but I havent found a way to perform the task mentioned above. The algorithm has to be fast (even in large domains or Active Directories) and has to be executable for domains (NT4) and Active Directory (W2k+).
Maybe anybody knows how Windows itself knows, what groups the logged in user belongs to. I guess it has to know it somehow, otherwise it wouldnt be able to check security for the filesystem, and so on...
Help would be very appreciated!!
Thanks in advance,
Thomas
I got the following problem:
User "u" is member in group "g-a", group "g-a" is member in group "g-b", and group "g-b" is member in group "g-c".
Having a given user (the currently logged on user) I want to find out what groups this user belongs to (including membership thru nested groups).
In our example user "u" is member of "g-a", "g-b", "g-c".
(I think) I know how to use ADSI to do different things, but I havent found a way to perform the task mentioned above. The algorithm has to be fast (even in large domains or Active Directories) and has to be executable for domains (NT4) and Active Directory (W2k+).
Maybe anybody knows how Windows itself knows, what groups the logged in user belongs to. I guess it has to know it somehow, otherwise it wouldnt be able to check security for the filesystem, and so on...
Help would be very appreciated!!
Thanks in advance,
Thomas
ASKER
Thanks, EDDYKT...
but these code examples use the "NetUserGetGroups" function, which doesnt perform a nested search on groups. This function would only return group "g-a" in my example above!
any other suggestions?
but these code examples use the "NetUserGetGroups" function, which doesnt perform a nested search on groups. This function would only return group "g-a" in my example above!
any other suggestions?
ASKER
Thanks, EDDYKT...
but these code examples use the "NetUserGetGroups" function, which doesnt perform a nested search on groups. This function would only return group "g-a" in my example above!
any other suggestions?
but these code examples use the "NetUserGetGroups" function, which doesnt perform a nested search on groups. This function would only return group "g-a" in my example above!
any other suggestions?
ASKER
Thanks, EDDYKT...
but these code examples use the "NetUserGetGroups" function, which doesnt perform a nested search on groups. This function would only return group "g-a" in my example above!
any other suggestions?
but these code examples use the "NetUserGetGroups" function, which doesnt perform a nested search on groups. This function would only return group "g-a" in my example above!
any other suggestions?
Hi tgr01,
It appears that you have forgotten this question. I will ask Community Support to close it unless you finalize it within 7 days. I will ask a Community Support Moderator to:
Refund points and save as a 0-pt PAQ.
tgr01, Please DO NOT accept THIS comment as an answer.
EXPERTS: Post a comment if you are certain that an expert deserves credit. Explain why.
==========
DanRollins -- EE database cleanup volunteer
It appears that you have forgotten this question. I will ask Community Support to close it unless you finalize it within 7 days. I will ask a Community Support Moderator to:
Refund points and save as a 0-pt PAQ.
tgr01, Please DO NOT accept THIS comment as an answer.
EXPERTS: Post a comment if you are certain that an expert deserves credit. Explain why.
==========
DanRollins -- EE database cleanup volunteer
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.vbadmincode.btinternal.co.uk/code/account.zip