I need to find a user's memberOf list, (and all nested groups), very
quickly. My current method is to iterate through the the results of the
the MemberOf property and then do the same to each of those groups.
While complete, this is painfully, painfully, (grow old and die before
it is done), slow.
I have looked at the m_role attribute of the princible object:
WindowsPrincipa l MyPrincipal = new WindowsPrincipa l(UserIdentity) ;
MyPrincipal.IsI nRole(WindowsBu iltInRole.User) ;
FieldInfo field = typeof(WindowsP rincipal).GetFi eld("m_roles",
BindingFlags.No nPublic | BindingFlags.In stance);
string[] Roles = (string[])field.GetValue (MyPrincipal);
Write("<hr>Got " + Roles.Length.To String() + " groups/roles back [string
array]<br>\n");
foreach (string Role in Roles)
{
Write("Group=" + Role + "<br>\n");
}
but this is horribly incomplete and only lists the built in groups,
(Everyone, Domain Users, etc), which is useless to me.
I also tried the TokenGroup properties:
string[] TokenGroups = new string[]
{
"tokenGroup s",
"tokenGroupsGlo balAndUniversal ",
"tokenGroupsNoG CAcceptable"
};
DirectoryEntry DE = Utility.GetDire ctoryEntry(User DN);
DE.RefreshCache (TokenGroups);
for(int i=0; i<TokenGroups .length; i++)
{
Write("\n<hr>" + TokenGroups[i] + "<br>\n");
PropertyValueCo llection tg = DE.Properties[TokenGroups[i]];
foreach (byte[] SID in (Array)tg.Value )
{
Write("SID Name = " + getNameFromSID( SID) + "<br>\n");
}
}
but these are just as incomplete as the m_role list.
This is a common enough problem that I thought there would be lots of
solutions on Google but these 2 methods were all that I could find,
(other than the brutally slow method I am already using).
This code will be calculating complete lists for thousands of users and
my method has way too much overhead. I need the nested groups since our
security model is complex and very deep. Any help would be greatly
appriecaiated.
Thanks
-Cam 3 1621
"cameron" <ca************ ****@appdepot.c om> wrote in message
news:OS******** ******@TK2MSFTN GP11.phx.gbl... I need to find a user's memberOf list, (and all nested groups), very quickly. My current method is to iterate through the the results of the the MemberOf property and then do the same to each of those groups. While complete, this is painfully, painfully, (grow old and die before it is done), slow.
You might want to reconsider your reasons for wanting to do this. What are
you going to do with that list once you get it? And how much do you care
that some of the groups may change their group membership, perhaps even
while you're recursively enumerating?
--
John Saunders
johnwsaundersii i at hotmail
It is a web application. The list is used to control the display of the
page since each group can potentially change the layout of the window.
The list is calculated and cached and used until one of its
dependencies, (the groups), are changed at which time it is recalculated.
I can not really use the 'IsInRole' stuff since I do not know the groups
in advance, (user defined groups so they are completely aribarily named
and configured).
-Cam
John Saunders wrote: "cameron" <ca************ ****@appdepot.c om> wrote in message news:OS******** ******@TK2MSFTN GP11.phx.gbl...
I need to find a user's memberOf list, (and all nested groups), very quickly. My current method is to iterate through the the results of the the MemberOf property and then do the same to each of those groups. While complete, this is painfully, painfully, (grow old and die before it is done), slow.
You might want to reconsider your reasons for wanting to do this. What are you going to do with that list once you get it? And how much do you care that some of the groups may change their group membership, perhaps even while you're recursively enumerating?
"cameron" <ca************ ****@appdepot.c om> wrote in message
news:es******** ******@TK2MSFTN GP12.phx.gbl... It is a web application. The list is used to control the display of the page since each group can potentially change the layout of the window. The list is calculated and cached and used until one of its dependencies, (the groups), are changed at which time it is recalculated.
I can not really use the 'IsInRole' stuff since I do not know the groups in advance, (user defined groups so they are completely aribarily named and configured).
When a group changes the layout of the window, do you know the name of the
group? If so, you can use IsInRole.
--
John Saunders
johnwsaundersii i at hotmail This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Brian Loesgen |
last post by:
The next San Diego .Net User Group meeting is Tuesday, November 25,
2003 at the Scripps Ranch Library.
Scripps Ranch Library
10301 Scripps Lake Drive
San Diego, CA 92131-1026
Please join us at 6:00 pm for pizza and networking. The meeting starts
at 6:30 pm.
|
by: Terry E Dow |
last post by:
Howdy,
I am having trouble with the objectCategory=group member.Count attribute.
I get one of three counts, a number between 1-999, no member (does not
contain member property), or 0. Using LDIFDE as a comparison I get the same
results. No members means just that, an empty group. Zero means that the
DirectorySearcher.SizeLimit has been...
|
by: mrwoopey |
last post by:
Hi,
I am using the example "Authenticate against the Active Directory by
Using Forms Authentication and Visual Basic .NET":
http://support.microsoft.com/default.aspx?scid=KB;EN-US;326340
But I am having a problem figuring out the LDAP://
The LDAP:// that I pass looks like this (i substitued generic the
|
by: clintonG |
last post by:
I applied aspnet_regsql to SQL2K which was working fine throughout Beta 2
development. After installing Visual Studio and SQL Express RTM my
application has blown up. Logging in to the application became
realllllllllllly slow. Content in LoginView Role Groups was not displaying
even after a user in a role had logged in.
It was taking about...
|
by: VB Programmer |
last post by:
I am using personalization/profile to store info for the user that is not
contained in the aspnet_Users or aspnet_Membership tables. This info
includes, firstname, lastname, and phonenumber.
On my "signup" page I ask for all their info at one time, including
username, password, firstname, lastname, etc.... After I do a...
| |
by: TC |
last post by:
In the past I always regarded user/group security as fairly tight. It
is tricky to implement, but once implemented properly, it can't be
cracked except through a dedicated effort.
Recently, however, I saw something which greatly lowered my opinion of
user/group security. I sent a secured database to a colleague. I forgot
to send him the...
|
by: Ryan |
last post by:
I am going to create an asp site that allows the users to fill out
application information. Their personal information will be stored server
side in a SQL 2005 database and they can come back to the site later and
repopulate the fields with their information by using a login (email
address/password). Are their any templates available for...
|
by: Scott M. |
last post by:
When profile data is stored in ASP .NET, where is the user data persisted?
For how long is it persisted: is it session persisted or permanent (like a
cookie)?
|
by: Brett |
last post by:
I have an ASP.NET 2.0 application that uses Forms Authentication. The
startup page contains just a login control, and the site works well on an
IIS 6 web server. I am now setting the site up on the production web
server, which runs Windows 2008 Server and IIS 7. The login page comes up,
but when I try to log in, I get the error, "Login...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it. ...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
| |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...
| |