Getting group and OU membership information from an endpoint machine
Posted on 2011-02-22
Introduction (please forgive me if it's lengthy):
Our existing product runs on endpoint computers.
It's written in C# 2.0 (so we're talking about Win OS) and runs under SYSTEM credentials as a service.
We also have a server-side management program that, among other capabilities, displays the organizational domain tree using direct connection with the Directory Provider (either Active Directory or Novell).
However - now I wish to convert to a model where the server will not reside on a host inside the organization - so no more direct connection with the directory provider.
In order to still be able to construct the organizational domain tree I decided to solve this problem by adding information about the domain structure to the logs that my clients send.
(If you have a better idea please let me know - although this is not the question yet).
My problem is - how to get the domain info?
I made some attempts with LDAP and DirectoryServices libraries and managed to fetch all the information I need from the DC - but only when a user with sufficient credentials was logged on to the machine...
How can I write a code that runs on an endpoint machine as a service and can (at least) tell the group and OU membership of the machine - and of the logged on user?
Thanks a lot!