Re: WindowsPrincipal & m_roles

From: JD (none@tampabay.rr.com)
Date: 10/10/02


From: none@tampabay.rr.com (JD)
Date: 10 Oct 2002 13:04:22 -0700


I'd be interested in this, too!

"wezza" <wez_p@yahoo.com> wrote in message news:<2c6001c25ff2$62bdde90$36ef2ecf@tkmsftngxa12>...
> I'm currently using LDAP to query Active Directory and
> test whether a user is a member of a particular global
> group. I have been intriduced to the IsInRole method
> which can do the exact same thing without having to call
> to AD again, however it only accepts a full group name and
> i only know part of the group name that the user is a
> member.
> In VS.NET, using the Watch window when i perform this
> check i can see that there is a set of attributes called
> m_roles which contains an array of strings of all the
> groups that the user is a member of. So if i could
> enumerate through these roles i could do some sort of
> substring test to match my partial group name to a full
> group name for authentication, however when i try and
> access m_roles, i get told that it is private.
>
> Does anyone know of a way of getting to these m_roles?



Relevant Pages

  • Re: Authentication via AD
    ... LDAP IS the normal query mechanism for AD. ... >> As long as the web server is a member of the domain you want to ... >> Whether you use digest, basic or IWA is up to you. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: LDAP returns wrong members
    ... Querying the tokenGroups attribute will show you the full security group membership for a single user, so it is usually the most helpful here. ... There IS the special filter type for doing transitive matching on DN syntax attributes added in 2K3 SP1, but it is most helpful for checking to see if a given use is a member of a specific group including via nesting rather than expanding a whole list. ... You can definitely do LDAP queries for primary group as well, You just can't determine that by looking at member/memberOf since the data is not stored there. ...
    (microsoft.public.windows.server.active_directory)
  • Re: nss_ldap and multiple group memberships
    ... SB> objects that you can use in LDAP but only one of them works. ... SB> have memberUid attributes for the member ids. ... SB> The idea is that posixGroup and posixAccount mimic the unix files so ... SB> transactions and seems unnecessarily wasteful. ...
    (freebsd-stable)
  • WindowsPrincipal & m_roles
    ... I'm currently using LDAP to query Active Directory and ... test whether a user is a member of a particular global ... enumerate through these roles i could do some sort of ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: LDAP returns wrong members
    ... - An object can be a member of a group by virtue of that object's DN being a value in the group's "member" attribute. ... Users can have a group be their primary group. ... ADUC may show you both types of memberships as it is doing something more complex than just a simple LDAP query to member. ... Joe Kaplan-MS MVP Directory Services Programming ...
    (microsoft.public.windows.server.active_directory)