Basically, what I'm trying to do is this: I have an ASP.NET web application that's using Forms Authentication with some custom code to link it to Active Directory (very similar to how this works).
However, whenever I query the domain controller for the user's groups, it only returns the groups that they're explicitly in and not subgroups (id est, there's a specific Security Group that the user belongs to, say group A, that is a member of the group I want, say group B; the user is explicitly in group A, but only implicitly in group B because group A is a member of group B).
I've read that querying tokenGroups could help me out here, but currently I don't have a way to parse that data.
However, what would be most preferable is if I could pass certain groups via an LDAP query and have the domain controller just give me a boolean (true/false) if that user is within that group or not.
Any suggestions?
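
The two approaches mentioned in the question, sketched as an added example that is not part of the original post: a filter using Active Directory's `LDAP_MATCHING_RULE_IN_CHAIN` so the domain controller resolves nesting and the result is effectively a boolean, and decoding `tokenGroups` values (binary SIDs) with `SecurityIdentifier`. The class name, account name and group DN are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.Linq;
using System.Security.Principal;
using System.Text;

static class NestedGroupCheck   // hypothetical helper, not from the post
{
    // OID of LDAP_MATCHING_RULE_IN_CHAIN: the DC walks nested membership itself.
    const string InChain = "1.2.840.113556.1.4.1941";

    // RFC 4515 escaping so a user name or DN cannot alter the filter structure.
    static string Escape(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
            sb.Append("\\*()\0".IndexOf(c) >= 0 ? "\\" + ((int)c).ToString("x2") : c.ToString());
        return sb.ToString();
    }

    // Matches the user only if it is a direct or nested member of groupDn.
    public static string BuildFilter(string samAccountName, string groupDn) =>
        $"(&(objectCategory=person)(sAMAccountName={Escape(samAccountName)})" +
        $"(memberOf:{InChain}:={Escape(groupDn)}))";

    // True/false answer from the domain controller: any hit means membership.
    public static bool IsMember(DirectoryEntry searchRoot, string sam, string groupDn)
    {
        using (var searcher = new DirectorySearcher(searchRoot, BuildFilter(sam, groupDn)))
            return searcher.FindOne() != null;
    }

    // tokenGroups alternative: each value is the binary SID of one transitive group.
    public static HashSet<string> TokenGroupSids(DirectoryEntry user)
    {
        user.RefreshCache(new[] { "tokenGroups" }); // constructed attribute, must be requested
        return new HashSet<string>(user.Properties["tokenGroups"].Cast<byte[]>()
            .Select(sid => new SecurityIdentifier(sid, 0).Value));
    }

    static void Main()
    {
        // Constructed sample values; running IsMember/TokenGroupSids needs a real directory.
        Console.WriteLine(BuildFilter("jdoe", "CN=Group B (Admins),OU=Groups,DC=example,DC=com"));
        byte[] sid = { 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 32, 2, 0, 0 }; // encodes S-1-5-32-544
        Console.WriteLine(new SecurityIdentifier(sid, 0).Value);
    }
}
```

The `memberOf` chain does not cover the user's primary group, and `tokenGroups` lists security groups only, so an authorization check that depends on either case should compare SIDs from `tokenGroups` or test the primary group separately.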