473,854 Members | 1,467 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Sql To Active Directory Challenge

Jm
Hi All

Im not sure of which way to go about this so ill start by explaining what im
trying to do and the options ive come up with. ok..

I have a client program which talks to an sql server database whenever a
machine is turned on. It reports the client machine status to the server and
accepts incoming tcp connections for various functions. During logon the
client software will contact active directory services to retrieve the users
full name and report to the database. The sql database has stored procedures
that take your username and machinename and return a set of applications
that a user can run. This whole system runs mickey mouse. The issue i have
is a client has requested that this system include the ability to tie
applications to active directory group names. At the moment the software
uses the logged on user name only and the sql database has a table of
usernames and tied application names where required. Now im not sure of
which way to go about this. Should i be:

1. Reading all the groups a user is a member of and feeding them into a sql
stored procedure so it can check if the apps are associated to the group
names supplied (similar to how it checks for a username to be associated to
apps) ? I would think this way could work but may be slow if a user is a
member of many groups.

2. Is there a way for sql to check group memberships directly from active
directory services through a stored procedure by supplying a username and
getting it to do the rest ? The sql servers are always on machines that are
domain controllers and run in mixed mode authentications .

Well im not sure of any other ways to do this, Any help anyone can give me
is greatly appreciated.

Thanks in advance

3.
Nov 21 '05 #1
2 3242
"Jm" <ja*****@ihug.c om.au> wrote in message
news:cq******** **@lust.ihug.co .nz...
Hi All

Im not sure of which way to go about this so ill start by explaining what
im
trying to do and the options ive come up with. ok..

I have a client program which talks to an sql server database whenever a
machine is turned on. It reports the client machine status to the server
and
accepts incoming tcp connections for various functions. During logon the
client software will contact active directory services to retrieve the
users
full name and report to the database. The sql database has stored
procedures
that take your username and machinename and return a set of applications
that a user can run. This whole system runs mickey mouse. The issue i have
is a client has requested that this system include the ability to tie
applications to active directory group names. At the moment the software
uses the logged on user name only and the sql database has a table of
usernames and tied application names where required. Now im not sure of
which way to go about this. Should i be:

1. Reading all the groups a user is a member of and feeding them into a
sql
stored procedure so it can check if the apps are associated to the group
names supplied (similar to how it checks for a username to be associated
to
apps) ? I would think this way could work but may be slow if a user is a
member of many groups.

2. Is there a way for sql to check group memberships directly from active
directory services through a stored procedure by supplying a username and
getting it to do the rest ? The sql servers are always on machines that
are
domain controllers and run in mixed mode authentications .

Well im not sure of any other ways to do this, Any help anyone can give me
is greatly appreciated.

Thanks in advance


Not sure I fully understand what you're doing.
Anyhow.
I've got an app uses the windows group to decide what users get to see in
the UI.
Maybe if you use sql server to return the relevant groups as a dataset you
could loop through and check for membership of each in turn.

Dim objWindowsPrinc ipal As New WindowsPrincipa l(WindowsIdenti ty.GetCurrent)
If objWindowsPrinc ipal.IsInRole(" domain/group") = True Then

Me.btnData_Main tenance.Visible = True

End If
Nov 21 '05 #2
My opinion is that (if possible, I don't know, but 9/10 it has this
capability) it is much easier for SQL server to check if a user is a member
of Active Directory or Local Windows groups.
This way you can check the group membership in SQL and only return the
allowed apps list, you'll not need to check the membership in your app.
You should look at SQL Documentation on MSDN about how to check the
membership.
If not possible, you can get the group membership from your app, send it to
SQL stored procedures and get the apps for this group. But you should store
group names instead of usernames in SQL.

Nov 21 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
2785
by: microsoft | last post by:
Hi People, when I try to modify an active directory user programatically, I receive the following exception: The server is unwilling to process the request Reading the microsoft web site, I found this article: http://support.microsoft.com/default.aspx?scid=kb;EN-US;248717 that says the following: ..........................
9
3738
by: Mario Rodriguez | last post by:
Hi people. I have a problem adding users to Win2003 active directory programatically. When I execute my app throws the following exception: .................The specified directory service attribute or value does not exist........... Exactly the same code works fine on my win2000 active directory. My app include the use of the extensionAtributes and I'm not sure if the extensionAttributes feature was removed from win2003 Active...
1
4764
by: Andrew | last post by:
Hey all, Working on revamping our Intranet here and making use of the LDPA, Active Directory, Directory Services, etc. that .Net provides. I am still fairly new on this subject, so the problem I have run into I am not sure how to fix, and really not sure what is causing it. Here's what is going on (test server - Windows 2003 Server): I have a page in a folder (under anonymous authentication in IIS6) that has a link on it that...
11
2131
by: Jason Shohet | last post by:
How can I get the current logged in user on the computer? We're all Active Directory here -- Netbios is not turned on however. I need to get the name the user logged in as, when he started up his machine... TY jason shohet
6
2419
by: Leo_Surf | last post by:
Hello, I need your help adding user in Active Directory from ASP.net website. Could any one provide me the complete code for the html page. As this is my curriculam project and I dont have any Idea about ASP.net Please Help Thanks in Advance.
1
3899
by: tangus via DotNetMonster.com | last post by:
Hello all, I'm really struggling with getting some Active Directory code to work in ASP.NET. Can you please provide assistance? I am executing the following code: Dim enTry As DirectoryEntry = New DirectoryEntry("LDAP://domain") Dim mySearcher As New DirectorySearcher(enTry) Dim resEnt As SearchResult mySearcher.Filter = ("(objectClass=*)") mySearcher.SearchScope = SearchScope.Subtree
4
1733
by: Phil Kelly | last post by:
Hi! I'm very new to VB.NET; haven't coded anything since MS C v5.1..... years back, so please excuse me! I'm trying to write some code to manipulate values in Active Directory user objects; I need to write the value of (say) the company attribute. Does anyone know the relevant calls to use??? I know I could script it, but I'm enjoying the challenge at the moment!
3
3010
by: Phil Kelly | last post by:
Hi! I hope someone can help me here because I'm tearing my hair out (what little there is of it!) trying to figure out what's going on with the code below. I'm passing an Active Directory CN of a user object (like CN=Phil,OU=Users,DC=Test,DC=local) to the doRep() function, then have the function search for the user in AD ('FindOne') Then, I'm trying to get the code to msgbox the directory entry name.... but
13
2824
by: lawpoop | last post by:
Hello all - I have a two part question. First of all, I have a website under /home/user/www/. The index.php and all the other website pages are under /home/user/www/. For functions that are used in multiple files, I have php files under / home/user/www/functions/. These files simply have So, in index.php and other files, I have
0
9901
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
9751
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
11025
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
10682
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
0
9513
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
1
7915
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
5743
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
1
4562
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
2
4159
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.