Our IT department is setting up a new Windows 2003 server with Active Directory for the organisation. We have a custom built CRM solution which runs on PHP under Windows 2003 server + IIS. The CRM has it's own permissions structure using a MySQL database, but I would like to integrate it with the new Active Directory server. In order to do that, I would need to setup custom permissions in Active Directory which could then be accessed (via LDAP) at user authentication and used for the CRM.
1) How can I create custom permissions in Active Directory to be used by the CRM software?
2) If it's not possible to create permissions, is it possible to create custom fields for each user?
Any advice or comments appreciated.