Re: Active directory groups refresh question
- From: Mark Clark <M-Clark-nospam@xxxxxxxxxxxxx>
- Date: Tue, 18 Mar 2008 13:24:19 -0500
Thanks for your reply. I took your post and started looking for 'token'
on Google in relation to groups and AD and I found TokenGroups. I found
some code that I could modify and now everything is working fine. The
code looks at the AD TokenGroups and converts them to real names. It
handles nested groups and it is updated instantly - as soon as I took a
user out of a nested group the group membership list reflected that.
That's exactly what I needed!
Thanks again!
In article <D0E6936B-5138-49C1-B0FA-BF563FBF97AA@xxxxxxxxxxxxx>,
jcorey@xxxxxxxxxxxxxx says...
There is a difference between querying your local token (which is what.
you're doing below) and querying Active Directory for the list of current
groups. When a user logs in, an access token is created that has the users
SID and all SIDs of the groups that the user is a member of. This token is
only created during login so that's why you're seeing this behavior. To
obtain the most current list of groups that a user is a member of, you would
need to query Active Directory for the MemberOf list. I'm not a VB.NET guy,
so sorry for not posting any code.
- Follow-Ups:
- Re: Active directory groups refresh question
- From: Richard Mueller [MVP]
- Re: Active directory groups refresh question
- References:
- Active directory groups refresh question
- From: Mark Clark
- Re: Active directory groups refresh question
- From: Joseph T Corey
- Active directory groups refresh question
- Prev by Date: Re: Active directory groups refresh question
- Next by Date: Re: Active directory groups refresh question
- Previous by thread: Re: Active directory groups refresh question
- Next by thread: Re: Active directory groups refresh question
- Index(es):
Relevant Pages
|
