Solved

How to know in code if a windows network user is member of a network group?

Posted on 2006-11-06
4
228 Views
Last Modified: 2010-04-18
Dear experts,
I need to use Windows identification to assign user rights in my software.
Thanks in advance
0
Comment
Question by:icad01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 9

Accepted Solution

by:
SamuraiCrow earned 500 total points
ID: 17887550
If you are looking for conditional batch processing you can download the ifmember.exe here:
http://www.microsoft.com/downloads/details.aspx?FamilyID=07c2f6d7-815e-4fa0-9043-4e4635ccd417&displaylang=en

Here is a quick syntax example:

:Start

ifmember "application group"
if not errorlevel 1 goto End
<run setup.exe or whatever other command you need here>
goto End

:End
0
 
LVL 9

Expert Comment

by:SamuraiCrow
ID: 17887558
Another quick article on ifmember.exe:
http://www.microsoft.com/technet/archive/winntas/tips/winntmag/grlogon.mspx?mfr=true

Hope this helps
Crow
0
 

Author Comment

by:icad01
ID: 17897870
Dear SamuraiCrow,
Thanks for your quick and valuable answer, sorry for the delay.
Great utility!
Do you know how to run it from Delphi, VC++ or VB?
Thanks
0
 
LVL 9

Expert Comment

by:SamuraiCrow
ID: 17899647
Generally I call the vb file from the batch file after the errorlevel command.  There are examples I've seen that discuss the VBS method of groupmembership checking (see below) but I've never tested them.  Unfortunately I don't have any experience with Delphi and very little experience with C++.  Here is the vbs syntax for a script that checks group membership then maps a couple of drives:

Option Explicit ' Force explicit declarations
'
' Variables
'
Dim WSHNetwork
Dim FSO
Dim strUserName ' Current user
Dim strUserDomain ' Current User's domain name
Dim ObjGroupDict ' Dictionary of groups to which the user belongs

Set WSHNetwork = WScript.CreateObject("WScript.Network")
Set FSO = CreateObject("Scripting.FileSystemObject")
'
' Wait until the user is really logged in...
'
strUserName = ""
While strUserName = ""
WScript.Sleep 100 ' 1/10 th of a second
strUserName = WSHNetwork.UserName
Wend
strUserDomain = WSHNetwork.UserDomain

' Read the user's account "Member Of" tab info across the network
' once into a dictionary object.

Set ObjGroupDict = CreateMemberOfObject(strUserDomain, strUserName)
If MemberOf(ObjGroupDict, "Domain Admins") Then
wscript.echo "Is a member of Domain Admins."
'REM this line to Map Network Drives

'Map network Drives here, UNREM the below lines:
'WSHNetwork.MapNetworkDrive "O:", "\\server1\share"
'WSHNetwork.MapNetworkDrive "Q:", "\\server2\share"

Else
wscript.echo "Is NOT a member of Domain Admins"
End If

Function MemberOf(ObjDict, strKey)
' Given a Dictionary object containing groups to which the user
' is a member of and a group name, then returns True if the group
' is in the Dictionary else return False.
'
' Inputs:
' strDict - Input, Name of a Dictionary object
' strKey - Input, Value being searched for in
' the Dictionary object
' Sample Usage:
'
' If MemberOf(ObjGroupDict, "DOMAIN ADMINS") Then
' wscript.echo "Is a member of Domain Admins."
' End If
'
'
MemberOf = CBool(ObjGroupDict.Exists(strKey))

End Function


Function CreateMemberOfObject(strDomain, strUserName)
' Given a domain name and username, returns a Dictionary
' object of groups to which the user is a member of.
'
' Inputs:
'
' strDomain - Input, NT Domain name
' strUserName - Input, NT username
'
Dim objUser, objGroup

Set CreateMemberOfObject = CreateObject("Scripting.Dictionary")
CreateMemberOfObject.CompareMode = vbTextCompare
Set objUser = GetObject("WinNT://" _
& strDomain & "/" _
& strUserName & ",user")
For Each objGroup In objUser.Groups
CreateMemberOfObject.Add objGroup.Name, "-"
Next
Set objUser = Nothing

End Function


Just keep in mind that if this answer isn't exactly what you are looking for you can post a question to the moderators to have points refunded (I won't take it personally) and have the question reposted in the programming forum.  My untimate goal is to leave you with something that you can use the points are really just for the fun of competition.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question