crystalguy2000
asked on
ACTIVE DIRECTORY challenge!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! this one took the wind out of me
Hi
i have spend the day trying to crack the case. let me explain what i am trying to accomplish
THe requirement is to use the user logon to grant him access to different roles
I have queried the group and have brought back the primaryGroupToken for all groups
cmdSearch.CommandText = "select cn,primaryGroupToken " _
& "from 'LDAP://domain/cn=my,DC=do main,DC=na me' " _
& "where objectClass='group' "
returns
A,1
B,3
C,2
Domain Users,513
when i return the primary group id of hte user i get
513,user1,userEmail1 .....
But it always returns 513 which is the Domain Users group....
How can i find the group of the logged into the site and grant him appr rights
Any help would be appreciated
i have spend the day trying to crack the case. let me explain what i am trying to accomplish
THe requirement is to use the user logon to grant him access to different roles
I have queried the group and have brought back the primaryGroupToken for all groups
cmdSearch.CommandText = "select cn,primaryGroupToken " _
& "from 'LDAP://domain/cn=my,DC=do
& "where objectClass='group' "
returns
A,1
B,3
C,2
Domain Users,513
when i return the primary group id of hte user i get
513,user1,userEmail1 .....
But it always returns 513 which is the Domain Users group....
How can i find the group of the logged into the site and grant him appr rights
Any help would be appreciated
ASKER
I am new to AD. So i dont know if the site you are referring to is a "Security Group"
I am trying to return the role of the logged in user.... I want to know whether he belong to security group A or security group B or Security group 3... If he is in group A then he is an admin..if he belongs to group b then he is not an admin and so on...
I am trying to return the role of the logged in user.... I want to know whether he belong to security group A or security group B or Security group 3... If he is in group A then he is an admin..if he belongs to group b then he is not an admin and so on...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Accept dragon-it or split...
Would like some response.
Well that is always preferred of course otherwise we are just talking amongst ourselves and the occasional cleanup volunteer :-)
>>Would like some response.
Me too. And peace in the whole world. :) But for some reason in most questions like this I think the latter have bigger chance
Me too. And peace in the whole world. :) But for some reason in most questions like this I think the latter have bigger chance
LOL. Split them up then.
Anyway so are you saying you have three sites and are trying to identify the site the user is at (if so why not assign a script to the site perhaps?). I asume if so you have the subnets and sites defined in AD already in Sites and Services.
Please clarify?