Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Group membership checking

Status
Not open for further replies.
Creto

Creto

Programmer
Aug 31, 2004
90
US
I'm trying to check to see if the current user is a member of a certain group, but my script keeps failing. Everything I can find shows that what I have should work, but it's failing on the GetObject().

Code: 
Function IsMember(groupName)

  Set netObj = CreateObject("WScript.Network")
  domain = netObj.UserDomain
  user = netObj.UserName
  flgIsMember = false
  [highlight]Set userObj = GetObject("WinNT://" & domain & "/" & user & ",user")[/highlight]
  For Each grp In userObj.Groups
    If grp.Name = groupName Then
      flgIsMember = true
      Exit For
    End If
  Next
  IsMember = flgIsMember
  Set userObj = nothing
  Set netObj = nothing

End Function

retCode = IsMember("GP Export Reports")

Response.Write retCode

I've verified that the GetObject string is being properly populated, but it still breaks at that point. I've tried various methods, all using GetObject, but they fail.

Any help is appreciated.
 
Sort by date Sort by votes
It's a member server and the error is:

error '800401e4'
Invalid syntax
 
Upvote 0 Downvote
1/ ADSI functions don't run on a member server. It has to be a domain controller.

and when running on IIS on a AD contoller netObj.UserDomain will be empty and netObj.UserName will be IUSR_servername

Chris.

Indifference will be the downfall of mankind, but who cares?
A website that proves the cobblers kids adage.
Nightclub counting systems

So long, and thanks for all the fish.
 
Upvote 0 Downvote
Is there a way, without it running on a domain controller, to check group permissions then? Or is that the only option?
 
Upvote 0 Downvote
The ADSI function DLLs are only installed on AD controllers. So you would need IIS and the ADSI scripts on a controller and possibly use the XMLHTTP object to request remote data from the AD script pages.



Chris.

Indifference will be the downfall of mankind, but who cares?
A website that proves the cobblers kids adage.
Nightclub counting systems

So long, and thanks for all the fish.
 
Upvote 0 Downvote
Thanks Chris.

I'll have to see if I can come up with another method of checking groups since IIS on the controller isn't an option.

- Brandon
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Papa Bear
  • Locked
  • Question
Checking input date agains a file of holidays
Replies
3
Views
169
guitardave78
guitardave78
anon1971
  • Locked
  • Question
Group Statement Error
Replies
7
Views
135
anon1971
anon1971
unborn
  • Locked
  • Question
LDAP to get users group.
Replies
0
Views
79
unborn
unborn
snowxcross
  • Locked
  • Question
Query LDAP for Groups User is a member of
Replies
0
Views
76
snowxcross
snowxcross
niceguymattx
  • Locked
  • Question
Manage Membership on Server
Replies
1
Views
52
johnwm
johnwm

Part and Inventory Search

Sponsor

Back
Top