asked on
LDAP Not all users returning Memberof information
Hello,
I have an issue thats been rattling my brain for the last few days and I've yet to find a definitive answer or solution. I'm using Windows SBS Server 2003.
I'm querying the Active Directory for memberof information for various users and eventually setting a variable based off the resulting information. The problem I'm running into is that for some users, memberof is coming back null. This is not happening for all users though...and this includes members that contain the exact same memberof information. The groups that the users belong to are not nested and I cannot seem to find any difference between the accounts in the active directory, yet the code seems to work just fine...so i think it may be a permissions issue with some accounts? I'm really not sure!
I have an issue thats been rattling my brain for the last few days and I've yet to find a definitive answer or solution. I'm using Windows SBS Server 2003.
I'm querying the Active Directory for memberof information for various users and eventually setting a variable based off the resulting information. The problem I'm running into is that for some users, memberof is coming back null. This is not happening for all users though...and this includes members that contain the exact same memberof information. The groups that the users belong to are not nested and I cannot seem to find any difference between the accounts in the active directory, yet the code seems to work just fine...so i think it may be a permissions issue with some accounts? I'm really not sure!
<%
username = request.form("username")
password = request.form("password")
Mode = 0
Set condb = Server.CreateObject("ADODB.connection")
condb.Provider = "ADsDSOObject"
condb.Open "Active Directory Provider"
Set rslog = Server.CreateObject("ADODB.Recordset")
rsselect = "SELECT sAMAccountName, Memberof, displayname FROM 'LDAP://OU=SBSUsers,OU=Users,OU=MyBusiness,DC=learn,DC=local' WHERE sAMAccountName = '" & username & "'"
rslog.Open rsselect, condb
If not rslog.eof then
ADMember = rslog("memberOf")
DisplayName = rslog("DisplayName")
If Not IsNull(ADMember) Then
ADString = CStr(ADMember(LBound(ADMember)))
For ADVariable = LBound(ADMember)+1 To UBound(ADMember)
ADString = ADString & "," & CStr(ADMember(ADVariable))
Next
End if
If InStr(ADString, "learn event editors") <> 0 Then
Mode = 1
End If
If InStr(ADString, "learn web editors") <> 0 Then
Mode = 2
End If
If InStr(ADString, "tgi faculty") <> 0 Then
Mode = 3
End If
Else
*redirect to undetermined error page
End if
result = AuthenticateUser(username, password)
If (result <> 1) then
*redirect to undetermined error page
End If
function AuthenticateUser(username, password)
AuthenticateUser = 0
rsselect2 = "SELECT cn FROM 'LDAP://OU=SBSUsers,OU=Users,OU=MyBusiness,DC=learn,DC=local'"
set condb2 = Server.CreateObject("ADODB.Connection")
condb2.Provider = "ADsDSOOBJECT"
condb2.Properties("User ID") = username
condb2.Properties("Password") = password
condb2.Properties("Encrypt Password") = true
condb2.open "DS Query", username, password
set cmd = server.CreateObject("ADODB.Command")
set cmd.ActiveConnection = condb2
cmd.CommandText = rsselect2
on error resume next
set rslog2 = cmd.Execute
if (rslog2.bof or rslog2.eof) then
AuthenticateUser = 0
else
AuthenticateUser = 1
end if
set rslog2 = nothing
set condb2 = nothing
end function
validkey = now()
Response.Cookies("user").Expires = Date + 1
Response.Cookies("user").Domain = "dev.learn.edu"
Response.Cookies("user")("Mode") = mode
Response.Cookies("user")("DisplayName") = DisplayName
*redirect to undetermined login success page
%>
Active DirectoryASP
Last Comment
tgiadmin