Active Directory authentication / authorisation

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Max Vit
    #1

    Active Directory authentication / authorisation

    I have been toying with the idea of having an Active Directory
    authentication / authorisation functionality in MS Access; but there
    is not much useful info around.

    I have built these functionalities for some applications (JAVA, PHP).
    The parameters used there are the LDAP parameters for AD:

    *searchFilter: (objectClass=us er)
    *searchBase: OU=register,OU= applications,DC =inside,DC=myco mpany,DC=com
    *adminPassword: Password
    *adminName: CN=LDAP
    Lookup,OU=Servi ces,OU=applicat ions,DC=inside, DC=mycompany,DC =com
    *ldapURL: ldap://ldap.nicta.net

    But I have not had much experience with LDAP queries using VBA :-(

    Is there any sample code showing the correct synthax and appropriate
    functions to use these parameters in a VBA for Access environment?

    My idea is to have users presented with a login form; if they
    authenticate successfully against AD then I can manage their
    authorisation in locally in MS Access.

    An even better scenario would be to also check if they belong to a
    specific AD group - this way I could also manage authorisation using
    AD.

    I am using Access2k3 on Win XP S2; the AD service supports LDAP v4.

    Any help would be greatly appreciated.

    Tags: None
    • Tony Toews [MVP]
      #2
      Re: Active Directory authentication / authorisation

      Max Vit <mvit@safe-mail.netwrote:
      >I have been toying with the idea of having an Active Directory
      >authenticati on / authorisation functionality in MS Access; but there
      >is not much useful info around.
      Here's a dump of everything I found a year or go as is in OneNote. You'll have to
      figure out which of these links are appropriate to your scenario. I built a tool
      that could create folders and subfrlders by job with different permissions for the
      subfolders which varied by group.

      nternet resources
      Programmaticall y Set NTFS File System Folder Permissions

      Enumerating Local Groups and Descriptions with NetLocalGroupEn um
      Pasted from <http://vbnet.mvps.org/code/network/netlocalgroupen umdesc.htm>

      Enumerating Members of a Group with NetLocalGroupGe tMembers
      Pasted from <http://vbnet.mvps.org/code/network/netgocalgroupge tmembers.htm>

      Xcacls.exe
      Pasted from <http://support.microso ft.com/default.aspx?sc id=KB;EN-US;825751>

      How To Use High-Level Access Control APIs from Visual Basic
      Pasted from <http://support.microso ft.com/default.aspx?sc id=kb;EN-US;295004>


      http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adsi/adsi/iadsgroup.asp


      Following might do everything I want.
      Error 404 (Not Found)!!1
      http://groups.google.ca/groups?hl=en&lr=lang_en&ie=UTF-8&safe=off&threadm=033401c30554%24deccc7a0%24a401280a%40phx.gbl&rnum=3&prev=/groups%3Fhl%3Den%26ie%3DUTF-8%26safe%3Doff%26q%3Dadsi%2Bsearch%2Borganizationalunit%26spell%3D1


      ldap

      http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnanchor/html/anch_activediradsi.asp


      Active Directory Service Interfaces Quick-start Tutorials
      Pasted from
      <http://msdn.microsoft. com/library/en-us/adsi/adsi/adsi_quick-start_tutorials .asp?frame=true >


      IADsAccessContr olEntry
      Pasted from
      <http://msdn.microsoft. com/library/en-us/adsi/adsi/iadsaccesscontr olentry.asp?fra me=true>



      An ADSI Primer, Part 11: More on Scripting Permissions and Auditing (Windows
      Scripting though)
      Pasted from
      <http://www.windowsitpr o.com/WindowsScriptin g/Article/ArticleID/7456/7456.html>


      HOWTO: Use ADsSecurity.dll to Remotely Add Local Account ACEs to an NTFS File
      Pasted from <http://support.microso ft.com/default.aspx?sc id=kb;en-us;Q285998>

      How To Use ADSI to Set Automatic Inheritance of File/Folder Permissions
      Pasted from <http://support.microso ft.com/kb/266461/EN-US/>

      Error 404 (Not Found)!!1
      http://groups.google.ca/groups?q=group+dacl+security+permissions+group:*vb*&hl=en&lr=lang_en&safe=off&selm=3A42D078.3ED7F611%40hotmail.com&rnum=10


      Various constants are at the following:
      Guides Archives | ServerWatch
      http://www.serverwatch.com/tutorials/article.php/1476721


      Security and Access Rights
      http://msdn.microsoft.com/library/default.asp?url=/library/en-us/fileio/base/file_security_and_access_rights.asp



      How To Use ADSI to Set Automatic Inheritance of File/Folder Permissions
      Pasted from <http://support.microso ft.com/default.aspx?sc id=kb;en-us;266461>
      VBScript recursive changing of subfolders


      IADsAccessContr olEntry Property Methods
      http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adsi/adsi/iadsaccesscontrolentry_property_methods.asp



      HOWTO: Use ADsSecurity.dll to Remotely Add Local Account ACEs to an NTFS File
      Pasted from <http://support.microso ft.com/default.aspx?sc id=kb;en-us;Q285998>

      How To Use ADsSecurity.dll to Add an Access Control Entry to an NTFS Folder
      Pasted from <http://support.microso ft.com/default.aspx?sc id=kb;en-us;Q279682>

      --
      Tony Toews, Microsoft Access MVP
      Please respond only in the newsgroups so that others can
      read the entire thread of messages.
      Microsoft Access Links, Hints, Tips & Accounting Systems at
      Tony's Main Microsoft Access Page
      http://www.granite.ab.ca/accsmstr.htm
      Tony's Microsoft Access Hint's, Tips and FAQ

      Tony's Microsoft Access Blog - http://msmvps.com/blogs/access/

        Comment

        • Max Vit
          #3
          Re: Active Directory authentication / authorisation

          Hi Tony - Thanks a lot, very useful information!

          Once I find some suitable solution I'll post the code here for the
          benefit of others.

            Comment

            Previous template Next
            Working...