ReefIT
asked on
Can MS Access query Active Directory?
Hi All,
I am developing an Access 2003 application. The application runs from XP clients in a Windows 2003 domain environment. The app is broken into Front-end mde (XP clients) and the Back-end mdb (server).
The app is driven from a main menu bar. On this menu bar is a Maintenance Menu option. I want to control which users can use the Maintenance Menu by determining if the Active Directory logon account, which they logged onto the XP client with, is a member of a certain Active Directory group.
Can I do this in access?.
Thanks in Advance
Mick
I am developing an Access 2003 application. The application runs from XP clients in a Windows 2003 domain environment. The app is broken into Front-end mde (XP clients) and the Back-end mdb (server).
The app is driven from a main menu bar. On this menu bar is a Maintenance Menu option. I want to control which users can use the Maintenance Menu by determining if the Active Directory logon account, which they logged onto the XP client with, is a member of a certain Active Directory group.
Can I do this in access?.
Thanks in Advance
Mick
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
How do I determine the user name of the currenty logged on user account?.
Thanks
Thanks
This line, strUser=objUser.CN, should report the user name...
ASKER
I get 'wrong number of arguments or invalid property assignment' error on this line:
strMember=Filter(objUser.M
strMember=Filter(objUser.M
Simply use the function I mentioned in my first post like this:
IsMember("YourDomain", "Administrators", Environ$("Username"))
Just replace "YourDomain" by the domain name that you have, and "Administrators" by the group that you want to look in.
IsMember("YourDomain", "Administrators", Environ$("Username"))
Just replace "YourDomain" by the domain name that you have, and "Administrators" by the group that you want to look in.
Is it likely that the user is not a member of a group, or a member of only one?
You can test for it using
If isArray(objUser.MemberOf) Then
strMember=Filter(objUser.M
Else
'Not a member or member of only one group
You can test for it using
If isArray(objUser.MemberOf) Then
strMember=Filter(objUser.M
Else
'Not a member or member of only one group
ASKER
The following worked for me.
'Not all users of DIS can access the tool menu.
'This function finds out what Active Directory user account the user has logged onto the
'client PC with. It then checks to see if the account is a member of an AD group named through the
'constToolsMenuGroupName. If the account is a member, the menu is available.
Dim objToolsMenuGroup As Object
Dim strPath As String
Dim blnIsMember As Boolean
Dim objADSystemInfo As Object
Dim arDomainDNSName() As String
'Get a reference to the ADSystemInfo ActiveX object.
Set objADSystemInfo = CreateObject("ADSystemInfo
' Get the NetBios name of the Domain. DomainDNSName returns eg. 'reefit.local'.
' The split function returns 'reefit' and 'local'.
arDomainDNSName = Split(objADSystemInfo.Doma
' arDomainDNSName(0) the netbios name. eg. 'reefit'.
strPath = "WinNT://" & arDomainDNSName(0) & "/"
'Get a reference to the Tools menu group.
Set objToolsMenuGroup = GetObject(strPath & constToolsMenuGroupName & ",group")
'Determine the AD username, and then see if it is a member of the group.
blnIsMember = objToolsMenuGroup.IsMember
If blnIsMember Then
'Allow the menu to expand as normal.
Else
' User account doesn't have permission to use the menu.
' Displaying a msgbox also stops the menu from expanding.
MsgBox "You don't have persmission to use the Tools Menu!.", vbInformation + vbOKOnly, "Tools Menu Unavailable"
End If
'Not all users of DIS can access the tool menu.
'This function finds out what Active Directory user account the user has logged onto the
'client PC with. It then checks to see if the account is a member of an AD group named through the
'constToolsMenuGroupName. If the account is a member, the menu is available.
Dim objToolsMenuGroup As Object
Dim strPath As String
Dim blnIsMember As Boolean
Dim objADSystemInfo As Object
Dim arDomainDNSName() As String
'Get a reference to the ADSystemInfo ActiveX object.
Set objADSystemInfo = CreateObject("ADSystemInfo
' Get the NetBios name of the Domain. DomainDNSName returns eg. 'reefit.local'.
' The split function returns 'reefit' and 'local'.
arDomainDNSName = Split(objADSystemInfo.Doma
' arDomainDNSName(0) the netbios name. eg. 'reefit'.
strPath = "WinNT://" & arDomainDNSName(0) & "/"
'Get a reference to the Tools menu group.
Set objToolsMenuGroup = GetObject(strPath & constToolsMenuGroupName & ",group")
'Determine the AD username, and then see if it is a member of the group.
blnIsMember = objToolsMenuGroup.IsMember
If blnIsMember Then
'Allow the menu to expand as normal.
Else
' User account doesn't have permission to use the menu.
' Displaying a msgbox also stops the menu from expanding.
MsgBox "You don't have persmission to use the Tools Menu!.", vbInformation + vbOKOnly, "Tools Menu Unavailable"
End If
ASKER
Sorry... I meant to split that between the both of you.
Dim si
Set si=CreateObject("ADSystemI
strAdsPath=si.UserName
objUser=GetObject("LDAP://
strUser=objUser.CN
strMember=Filter(objUser.M
If ubound(strMember) >= 0 Then
' User is a member of YourGroup