How can I use Perl to test for Win32 group membership when group contains nested groups? | ansaurus

tags:

views:

40

answers:

1

+2 Q:

How can I use Perl to test for Win32 group membership when group contains nested groups?

I'm trying to use Perl to determine if a Windows users is a member of a Windows group, if the the group contains nested groups.

I've tried using Win32::NetAdmin::GroupIsMember(), but it only works if the user a direct member of the group.

I'm not a AD or LDAP expert, but the examples I googled for exhibit the same behavior.

For example, User "joe" is a member of the group "A". Group "A" is a member of group "B". I want to test to see if joe is member of "B".

A:

You could either use recursion to scan through the AD or (better) enumerate group membership through the SID's. See the following for an example: http://explodingcoder.com/blog/content/how-query-active-directory-security-group-membership

igelkott 2010-10-09 07:40:24

I tried that code, but enumerating SIDs only returns the groups that the user is direct member of.

Neil Johnson 2010-10-11 13:52:45

I.E. Enumerating SIDS will show user "joe" is member of group A, but not group B.

Neil Johnson 2010-10-11 14:01:09

The article I linked to seems to apply to your situation exactly. From the article: "... the user is a member of 'IT Operations', and that group is a member of 'IT Department'." I didn't describe the method in any detail since the article does a better job than I would have. There's a code example in Perl as well.

igelkott 2010-10-11 19:11:47

related questions

How to read a value from the Windows registry

CreateProcessAsUser vs ShellExecute

How do you configure an OpenFileDIalog to select folders?

Is there anything similar to the OS X InputManager on Windows?

So what am I missing with this here WPF?

How to convert std::string to LPCWSTR in C++ (Unicode)

Notification of drop in drag-drop in Windows

Find out which process has an exclusive lock on a USB device handle

What's an alternative to GWL_USERDATA for storing an object pointer?

FlashWindowEx FLASHW_STOP still keeps taskbar colored

Getting UI text from external app in C#

Sending a mouse click to a button in the taskbar using C#

Suitable alternative to CryptEncrypt

Is FindFirstChangeNotification the best API to use for file system change notification on windows?

What is the easiest way to parse an INI File in C++?

_wfopen equivalent under Mac OS X

Validating a Win32 Window Handle

Get list of domains on the network

Does it still make sense to learn low level WinAPI programming?

How do you create your own moniker (URL Protocol) on Windows systems?

Where is a good place to start programming GUIs for windows?

Bringing Window to the Front in C# using Win32 API

How can you tell when a user last pressed a key (or moved the mouse)?

Can a windows dll retrieve its own filename?

Wiggling the mouse using C#