Re: Does IsInRole() grab just Groups? Can I get Organizational Units?
From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 09/01/05
- Previous message: kmacintyre: "Invalid_Viewstate with email address"
- In reply to: Craig Vedur: "Does IsInRole() grab just Groups? Can I get Organizational Units?"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Does IsInRole() grab just Groups? Can I get Organizational Units?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 01 Sep 2005 14:30:02 -0700
Hello Craig,
no - IsInRole checks for the security groups a user is member of.
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
> Hey,
>
> I posted before about IsInRole and was told if you do Windows
> Authentication with Identity Impersonation, you can check against
> security groups. However, the LDAP is separated into Organizational
> Units. I did a test and am assuming IsInRole() will not test for OU
> membership? Can anyone confirm this?
>
> I guess the only way to check for OU membership is to traverse a
> DirectoryEntry root w/ System.DirectoryServices.dll
>
> Can anyone help w/ this?
>
> Thanks
>
- Previous message: kmacintyre: "Invalid_Viewstate with email address"
- In reply to: Craig Vedur: "Does IsInRole() grab just Groups? Can I get Organizational Units?"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Does IsInRole() grab just Groups? Can I get Organizational Units?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
