Can MS Access query Active Directory?

Hi All,

I am developing an Access 2003 application. The application runs from XP clients in a Windows 2003 domain environment. The app is broken into Front-end mde (XP clients) and the Back-end mdb (server).

The app is driven from a main menu bar. On this menu bar is a Maintenance Menu option. I want to control which users can use the Maintenance Menu by determining if the Active Directory logon account, which they logged onto the XP client with, is a member of a certain Active Directory group.

Can I do this in access?.

Thanks in Advance
Mick
LVL 1
ReefITAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

psychakias2Commented:
Function IsMember(strDomain As String, strGroup _
   As String, strMember As String) As Boolean
  Dim grp As Object
  Dim strPath As String
 
  strPath = "WinNT://" & strDomain & "/"
  Set grp = GetObject(strPath & strGroup & ",group")
  IsMember = grp.IsMember(strPath & strMember)
End Function


And use it like this:
IsMember("YourDomain", "Administrators", "Name")
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sirbountyCommented:
Try adding this...

Dim si
Set si=CreateObject("ADSystemInfo")
strAdsPath=si.UserName
objUser=GetObject("LDAP://" & strAdsPath)
strUser=objUser.CN
0
sirbountyCommented:
Missed a piece..

Dim si
Set si=CreateObject("ADSystemInfo")
strAdsPath=si.UserName
objUser=GetObject("LDAP://" & strAdsPath)
strUser=objUser.CN
strMember=Filter(objUser.MemberOf, "YourGroup")
If ubound(strMember) >= 0 Then
' User is a member of YourGroup
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

ReefITAuthor Commented:
How do I determine the user name of the currenty logged on user account?.

Thanks
0
sirbountyCommented:
This line, strUser=objUser.CN, should report the user name...
0
ReefITAuthor Commented:
I get 'wrong number of arguments or invalid property assignment' error on this line:

strMember=Filter(objUser.MemberOf, "YourGroup")
0
psychakias2Commented:
Simply use the function I mentioned in my first post like this:

IsMember("YourDomain", "Administrators", Environ$("Username"))

Just replace "YourDomain" by the domain name that you have, and "Administrators" by the group that you want to look in.
0
sirbountyCommented:
Is it likely that the user is not a member of a group, or a member of only one?

You can test for it using

If isArray(objUser.MemberOf) Then
   strMember=Filter(objUser.MemberOf, "YourGroup")
Else
   'Not a member or member of only one group
0
ReefITAuthor Commented:
The following worked for me.

'Not all users of DIS can access the tool menu.
'This function finds out what Active Directory user account the user has logged onto the
'client PC with. It then checks to see if the account is a member of an AD group named through the
'constToolsMenuGroupName. If the account is a member, the menu is available.
    Dim objToolsMenuGroup As Object
    Dim strPath As String
    Dim blnIsMember As Boolean
    Dim objADSystemInfo As Object
    Dim arDomainDNSName() As String
       
    'Get a reference to the ADSystemInfo ActiveX object.
    Set objADSystemInfo = CreateObject("ADSystemInfo")
   
    ' Get the NetBios name of the Domain. DomainDNSName returns eg. 'reefit.local'.
    ' The split function returns 'reefit' and 'local'.
    arDomainDNSName = Split(objADSystemInfo.DomainDNSName, ".")
   
    ' arDomainDNSName(0) the netbios name. eg. 'reefit'.
    strPath = "WinNT://" & arDomainDNSName(0) & "/"
    'Get a reference to the Tools menu group.
    Set objToolsMenuGroup = GetObject(strPath & constToolsMenuGroupName & ",group")
    'Determine the AD username, and then see if it is a member of the group.
    blnIsMember = objToolsMenuGroup.IsMember(strPath & Environ$("Username"))
   
    If blnIsMember Then
        'Allow the menu to expand as normal.
    Else
        ' User account doesn't have permission to use the menu.
        ' Displaying a msgbox also stops the menu from expanding.
        MsgBox "You don't have persmission to use the Tools Menu!.", vbInformation + vbOKOnly, "Tools Menu Unavailable"
    End If
0
ReefITAuthor Commented:
Sorry... I meant to split that between the both of you.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Access

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.