473,327 Members | 1,936 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,327 software developers and data experts.

Sql To Active Directory Challenge

Jm
Hi All

Im not sure of which way to go about this so ill start by explaining what im
trying to do and the options ive come up with. ok..

I have a client program which talks to an sql server database whenever a
machine is turned on. It reports the client machine status to the server and
accepts incoming tcp connections for various functions. During logon the
client software will contact active directory services to retrieve the users
full name and report to the database. The sql database has stored procedures
that take your username and machinename and return a set of applications
that a user can run. This whole system runs mickey mouse. The issue i have
is a client has requested that this system include the ability to tie
applications to active directory group names. At the moment the software
uses the logged on user name only and the sql database has a table of
usernames and tied application names where required. Now im not sure of
which way to go about this. Should i be:

1. Reading all the groups a user is a member of and feeding them into a sql
stored procedure so it can check if the apps are associated to the group
names supplied (similar to how it checks for a username to be associated to
apps) ? I would think this way could work but may be slow if a user is a
member of many groups.

2. Is there a way for sql to check group memberships directly from active
directory services through a stored procedure by supplying a username and
getting it to do the rest ? The sql servers are always on machines that are
domain controllers and run in mixed mode authentications.

Well im not sure of any other ways to do this, Any help anyone can give me
is greatly appreciated.

Thanks in advance

3.
Nov 21 '05 #1
2 3214
"Jm" <ja*****@ihug.com.au> wrote in message
news:cq**********@lust.ihug.co.nz...
Hi All

Im not sure of which way to go about this so ill start by explaining what
im
trying to do and the options ive come up with. ok..

I have a client program which talks to an sql server database whenever a
machine is turned on. It reports the client machine status to the server
and
accepts incoming tcp connections for various functions. During logon the
client software will contact active directory services to retrieve the
users
full name and report to the database. The sql database has stored
procedures
that take your username and machinename and return a set of applications
that a user can run. This whole system runs mickey mouse. The issue i have
is a client has requested that this system include the ability to tie
applications to active directory group names. At the moment the software
uses the logged on user name only and the sql database has a table of
usernames and tied application names where required. Now im not sure of
which way to go about this. Should i be:

1. Reading all the groups a user is a member of and feeding them into a
sql
stored procedure so it can check if the apps are associated to the group
names supplied (similar to how it checks for a username to be associated
to
apps) ? I would think this way could work but may be slow if a user is a
member of many groups.

2. Is there a way for sql to check group memberships directly from active
directory services through a stored procedure by supplying a username and
getting it to do the rest ? The sql servers are always on machines that
are
domain controllers and run in mixed mode authentications.

Well im not sure of any other ways to do this, Any help anyone can give me
is greatly appreciated.

Thanks in advance


Not sure I fully understand what you're doing.
Anyhow.
I've got an app uses the windows group to decide what users get to see in
the UI.
Maybe if you use sql server to return the relevant groups as a dataset you
could loop through and check for membership of each in turn.

Dim objWindowsPrincipal As New WindowsPrincipal(WindowsIdentity.GetCurrent)
If objWindowsPrincipal.IsInRole("domain/group") = True Then

Me.btnData_Maintenance.Visible = True

End If
Nov 21 '05 #2
My opinion is that (if possible, I don't know, but 9/10 it has this
capability) it is much easier for SQL server to check if a user is a member
of Active Directory or Local Windows groups.
This way you can check the group membership in SQL and only return the
allowed apps list, you'll not need to check the membership in your app.
You should look at SQL Documentation on MSDN about how to check the
membership.
If not possible, you can get the group membership from your app, send it to
SQL stored procedures and get the apps for this group. But you should store
group names instead of usernames in SQL.

Nov 21 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: microsoft | last post by:
Hi People, when I try to modify an active directory user programatically, I receive the following exception: The server is unwilling to process the request Reading the microsoft web site, I...
9
by: Mario Rodriguez | last post by:
Hi people. I have a problem adding users to Win2003 active directory programatically. When I execute my app throws the following exception: .................The specified directory service...
1
by: Andrew | last post by:
Hey all, Working on revamping our Intranet here and making use of the LDPA, Active Directory, Directory Services, etc. that .Net provides. I am still fairly new on this subject, so the problem...
11
by: Jason Shohet | last post by:
How can I get the current logged in user on the computer? We're all Active Directory here -- Netbios is not turned on however. I need to get the name the user logged in as, when he started up...
6
by: Leo_Surf | last post by:
Hello, I need your help adding user in Active Directory from ASP.net website. Could any one provide me the complete code for the html page. As this is my curriculam project and I dont have any...
1
by: tangus via DotNetMonster.com | last post by:
Hello all, I'm really struggling with getting some Active Directory code to work in ASP.NET. Can you please provide assistance? I am executing the following code: Dim enTry As DirectoryEntry =...
4
by: Phil Kelly | last post by:
Hi! I'm very new to VB.NET; haven't coded anything since MS C v5.1..... years back, so please excuse me! I'm trying to write some code to manipulate values in Active Directory user objects; I...
3
by: Phil Kelly | last post by:
Hi! I hope someone can help me here because I'm tearing my hair out (what little there is of it!) trying to figure out what's going on with the code below. I'm passing an Active Directory CN...
13
by: lawpoop | last post by:
Hello all - I have a two part question. First of all, I have a website under /home/user/www/. The index.php and all the other website pages are under /home/user/www/. For functions that are...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.