Active Directory authentication / authorisation

Max Vit

I have been toying with the idea of having an Active Directory
authentication / authorisation functionality in MS Access; but there
is not much useful info around.

I have built these functionalities for some applications (JAVA, PHP).
The parameters used there are the LDAP parameters for AD:

*searchFilter: (objectClass=user)
*searchBase: OU=register,OU=applications,DC=inside,DC=mycompany ,DC=com
*adminPassword: Password
*adminName: CN=LDAP
Lookup,OU=Services,OU=applications,DC=inside,DC=my company,DC=com
*ldapURL: ldap://ldap.nicta.net

But I have not had much experience with LDAP queries using VBA :-(

Is there any sample code showing the correct synthax and appropriate
functions to use these parameters in a VBA for Access environment?

My idea is to have users presented with a login form; if they
authenticate successfully against AD then I can manage their
authorisation in locally in MS Access.

An even better scenario would be to also check if they belong to a
specific AD group - this way I could also manage authorisation using
AD.

I am using Access2k3 on Win XP S2; the AD service supports LDAP v4.

Any help would be greatly appreciated.

Jul 6 '07 #1

Subscribe Post Reply

9249

Tony Toews [MVP]

Max Vit <mv**@safe-mail.netwrote:

>I have been toying with the idea of having an Active Directory
authentication / authorisation functionality in MS Access; but there
is not much useful info around.

Here's a dump of everything I found a year or go as is in OneNote. You'll have to
figure out which of these links are appropriate to your scenario. I built a tool
that could create folders and subfrlders by job with different permissions for the
subfolders which varied by group.

nternet resources
Programmatically Set NTFS File System Folder Permissions

Enumerating Local Groups and Descriptions with NetLocalGroupEnum
Pasted from <http://vbnet.mvps.org/code/network/netlocalgroupenumdesc.htm>

Enumerating Members of a Group with NetLocalGroupGetMembers
Pasted from <http://vbnet.mvps.org/code/network/netgocalgroupgetmembers.htm>

Xcacls.exe
Pasted from <http://support.microsoft.com/default.aspx?scid=KB;EN-US;825751>

How To Use High-Level Access Control APIs from Visual Basic
Pasted from <http://support.microsoft.com/default.aspx?scid=kb;EN-US;295004>
http://msdn.microsoft.com/library/de.../iadsgroup.asp

Following might do everything I want.
http://groups.google.ca/groups?hl=en...it%26spell%3D1

ldap

http://msdn.microsoft.com/library/de...ivediradsi.asp

Active Directory Service Interfaces Quick-start Tutorials
Pasted from
<http://msdn.microsoft.com/library/en-us/adsi/adsi/adsi_quick-start_tutorials.asp?frame=true>
IADsAccessControlEntry
Pasted from
<http://msdn.microsoft.com/library/en-us/adsi/adsi/iadsaccesscontrolentry.asp?frame=true>

An ADSI Primer, Part 11: More on Scripting Permissions and Auditing (Windows
Scripting though)
Pasted from
<http://www.windowsitpro.com/WindowsScripting/Article/ArticleID/7456/7456.html>
HOWTO: Use ADsSecurity.dll to Remotely Add Local Account ACEs to an NTFS File
Pasted from <http://support.microsoft.com/default.aspx?scid=kb;en-us;Q285998>

How To Use ADSI to Set Automatic Inheritance of File/Folder Permissions
Pasted from <http://support.microsoft.com/kb/266461/EN-US/>

http://groups.google.ca/groups?q=gro...il.com&rnum=10

Various constants are at the following:
http://www.serverwatch.com/tutorials...le.php/1476721

Security and Access Rights
http://msdn.microsoft.com/library/de...ess_rights.asp
How To Use ADSI to Set Automatic Inheritance of File/Folder Permissions
Pasted from <http://support.microsoft.com/default.aspx?scid=kb;en-us;266461>
VBScript recursive changing of subfolders
IADsAccessControlEntry Property Methods
http://msdn.microsoft.com/library/de...ty_methods.asp
HOWTO: Use ADsSecurity.dll to Remotely Add Local Account ACEs to an NTFS File
Pasted from <http://support.microsoft.com/default.aspx?scid=kb;en-us;Q285998>

How To Use ADsSecurity.dll to Add an Access Control Entry to an NTFS Folder
Pasted from <http://support.microsoft.com/default.aspx?scid=kb;en-us;Q279682>

--
Tony Toews, Microsoft Access MVP
Please respond only in the newsgroups so that others can
read the entire thread of messages.
Microsoft Access Links, Hints, Tips & Accounting Systems at
http://www.granite.ab.ca/accsmstr.htm
Tony's Microsoft Access Blog - http://msmvps.com/blogs/access/

Jul 9 '07 #2

Max Vit

Hi Tony - Thanks a lot, very useful information!

Once I find some suitable solution I'll post the code here for the
benefit of others.

Jul 9 '07 #3

by: Jay Chan | last post by:

We have just installed a SQL Server 2000 (SP 3A) onto a computer that has Windows-2003 Server on it. Now, we cannot get access to that database server from other computers. Seem like this may be an...

Microsoft SQL Server

Forms Authentication and Active Directory

by: - Steve - | last post by:

I have forms based authentication working, using my Active Directory for authentication. I have a web page that creates a user in active directory. When I was using IIS authentication it worked...

ASP.NET

Problem querying LDAP and/or Active Directory

by: Andrew | last post by:

Hey all, Working on revamping our Intranet here and making use of the LDPA, Active Directory, Directory Services, etc. that .Net provides. I am still fairly new on this subject, so the problem...

ASP.NET

Accessing Active Directory Information

by: thomson | last post by:

Hi, Is it possible to access the user information from a Web Application, Iam not able to use System.DirectoryServices from my code behind.---using System.DirectoryServices What am i missing? ...

ASP.NET

"Sudden" Active Directory error on ASP.NET

by: Patrick | last post by:

I have an ASP.NET page that searches for someone in the corporate Active Directory. It had been working fine until recently when I changed from Basic Authentication on IIS6 back to Integrated...

ASP.NET

urgent help on Active Directory Authentication from dotnet

by: varkey.mathew | last post by:

Dear all, Bear with me, a poor newbie(atleast in AD).. I have to authenticate a user ID and password for a user as a valid Active Directory user or not. I have created the IsAuthenticated...

ASP.NET

Active Directory Vs Sql Server which way to go?

by: Patrick.O.Ige | last post by:

If i want to generate a menu structure depending on who is logged in in an intranet system(using windows authentication) is it better to use the GROUPS in Active Directory or to move the Active...

ASP.NET

ASP.NET 1.1 Application Pool Identity and user authentication problem with AD (Active Directory)

by: pjdouillard | last post by:

Hello all, Here is the context of my problem: We have an ASP.NET 1.1 application that has its own application pool setup and that runs under the identity of a NT Domain service account (this...

ASP.NET

Windows Authentication through Active Directory

by: Hriday | last post by:

Hi there, Please help me..It is urgent This is Hriday, working on windows authentication with Active Directory... My requirment is when a user sends a request to my web Applicatoin I want to...

Visual Basic .NET

How to turn on java script in a villaon keypad mobile phone

by: Charles Arthur | last post by:

How do i turn on java script on a villaon, callus and itel keypad mobile phone

Java

Migrating Website to Cloud - Emmanuel Katto

by: emmanuelkatto | last post by:

Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel

General

Navigating the Data Structures and Algorithms (DSA)

by: BarryA | last post by:

What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...

Algorithms / Advanced Math

How to build RAID in BIOS?

by: Hystou | last post by:

There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...

Computer Hardware

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...

General

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...

C / C++

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...

General

AI Job Threat for Devs

by: agi2029 | last post by:

Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...

Career Advice

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...

Microsoft Access / VBA

Active Directory authentication / authorisation

Similar topics