Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
READING ACTIVE DIRECTORY USERLIST (LDAP) IN VFP 8 3
- Thread starter WIREMESH
- Start date
-
1
- #2
- Thread starter
- #3
What I am trying to do is periodically synchronize the passwords in my application's database with the network login id/password the users use to log into the network. This way the users can use the same passwords. For many reasons, I still want to maintain a separate table containing the users login info in my database.
Periodically, my application would query the LDAP directory and update the login information accordingly.
Periodically, my application would query the LDAP directory and update the login information accordingly.
jesylv
MIS
- Jul 1, 2001
- 135
- 0
- 0
I am not sure how you would manage the passwords from the ldap directory. They are encrypted and you would need to know how to decrypt them or how to compare the password passed at your login screen to the crypted value in your table. Not sure this is possible nor practical.
Jean
Jean
- Thread starter
- #5
-
2
- #6
Mike Gagnon
Programmer
Try this:
Mike Gagnon
If you want to get the best response to a question, please check out FAQ184-2483 first.
ReFox XI (www.mcrgsoftware.com)
Code:
strDomain = "STG" && Your own domain name
Clear
On Error
Public PrimDomainContr
Create Cursor names (username c(30),fullname c(80),description c(80),Class c(50),accdisable l,;
acclocked l,profile c(30),loginscript c(50),Homedir c(30))
PrimDomainContr = Getobject("WinNT://" + strDomain)
For Each User In PrimDomainContr
If User.Class = 'User'
Insert Into names (username,fullname,description,Class,accdisable,acclocked,profile,;
loginscript,Homedir) Values (User.Name,user.fullname,User.description,User.Class,User.AccountDisabled,;
User.IsAccountLocked,User.Profile,User.loginscript,User.Homedirectory)
Endif
Next
Browse NormMike Gagnon
If you want to get the best response to a question, please check out FAQ184-2483 first.
ReFox XI (www.mcrgsoftware.com)
Mike Gagnon
Programmer
Thanks for the star Jean. Are you from Ontario?
Mike Gagnon
If you want to get the best response to a question, please check out FAQ184-2483 first.
ReFox XI (www.mcrgsoftware.com)
Mike Gagnon
Programmer
Jean,
Hey neighbors!!! I work in Montreal. Funny your ISP is showing you to be in Ontario.
Mike Gagnon
If you want to get the best response to a question, please check out FAQ184-2483 first.
ReFox XI (www.mcrgsoftware.com)
Hey neighbors!!! I work in Montreal. Funny your ISP is showing you to be in Ontario.
Mike Gagnon
If you want to get the best response to a question, please check out FAQ184-2483 first.
ReFox XI (www.mcrgsoftware.com)
jesylv
MIS
- Jul 1, 2001
- 135
- 0
- 0
Hi Mike
A couple of things:
1) OK. I'll bite. How did you get my IP Address? Do I need stronger glasses or what?
2) An Ontario IP you say? Must be Bell's contribution to the unity debate ;-)
3) Thanks for your numerous and excellent contributions you did and continue to do. They saved me dozen of sleepless nights. So if ever you are in NDG, give me a shout and I'll pay you a brevage of your choice...
Jean
A couple of things:
1) OK. I'll bite. How did you get my IP Address? Do I need stronger glasses or what?
2) An Ontario IP you say? Must be Bell's contribution to the unity debate ;-)
3) Thanks for your numerous and excellent contributions you did and continue to do. They saved me dozen of sleepless nights. So if ever you are in NDG, give me a shout and I'll pay you a brevage of your choice...
Jean
Mike Gagnon
Programmer
Not your IP. A little known feature at Tek-Tips. If you go to user's profile (double click oin the user's name to see his profile), hover your mouse on the "apostrophe" of the name at the top, it should give you an idea (obviously not 100% acurate), of the location of the member.
Perhaps it has to do with the Gomrey report that came out yesterday. Bell moved to Ontario.
You are welcome. Who knows maybe will see each other at DevTeach.
Mike Gagnon
If you want to get the best response to a question, please check out FAQ184-2483 first.
ReFox XI (www.mcrgsoftware.com)
- Thread starter
- #13
Guys,
Thanks for all the wonderful help. Thru this process I was able to crystallize what the client wants.
Basically, when the network administrator adds a new user to a domain they want our application to automatically recognize the user and log the user in accordingly, bypassing our user name/password screen. Using the responses above will give me a list of users in the domain. The problem I see is when our application is used in a larger company with many users, possibly 10 users should have access to our application, not everyone in the company. I believe the network admin will create a specific group for our application and the expectation would be that only users of this particular group would be able to log into our application. Therefore, taking to account the responses above, how do I get a list of users for a particular group in a domain?
Thanks for all the wonderful help. Thru this process I was able to crystallize what the client wants.
Basically, when the network administrator adds a new user to a domain they want our application to automatically recognize the user and log the user in accordingly, bypassing our user name/password screen. Using the responses above will give me a list of users in the domain. The problem I see is when our application is used in a larger company with many users, possibly 10 users should have access to our application, not everyone in the company. I believe the network admin will create a specific group for our application and the expectation would be that only users of this particular group would be able to log into our application. Therefore, taking to account the responses above, how do I get a list of users for a particular group in a domain?
jesylv
MIS
- Jul 1, 2001
- 135
- 0
- 0
Seems to me that your requirements are simple.
1) Use windows credentials to log into an application
2) restrict access to a finite user list.
Then why not proceed like this:
1)Get the username via SYS(0).
2) Compare this name to a list of authorized users that you keep in a table. You dont need to keep a record for each users in a domain, you only need a record for users that you want to grant access.
That way you dont have to rely on network administrators to change access rights. You do it directly in your table.
Jean
1) Use windows credentials to log into an application
2) restrict access to a finite user list.
Then why not proceed like this:
1)Get the username via SYS(0).
2) Compare this name to a list of authorized users that you keep in a table. You dont need to keep a record for each users in a domain, you only need a record for users that you want to grant access.
That way you dont have to rely on network administrators to change access rights. You do it directly in your table.
Jean
- Thread starter
- #15
While I agree with you, the problem is a sticky one. When we demonstrate our application to a company, when they are ready to purchase the IS Team comes along and asks if the program is LDAP compatible. The reason for this is the IT guys wan't our application to automatically add users once they add/remove users from the NT domain/group. In essence, they don't wan't to do double work. While I don't agree with this, I need to comply in order to make a sale. The IS guys can destroy a potential sale very quickly.
For instance, a new person is hired. They are not in our database. The IT guy adds the user to the domain/group. They want our software to recognize this, and add the user to our database automatically.
For instance, a new person is hired. They are not in our database. The IT guy adds the user to the domain/group. They want our software to recognize this, and add the user to our database automatically.
- Status
Similar threads
