Map Active Directory Users to Internal Groups
Question
We have an in-house database that works with Users & Groups, and assigns Rights to certain Groups, and assigns Groups to Users.
We're looking to integrate this with Active Directory and I had a few questions on the subject.
If our software creates the groups "Administrators" and "Employees", how do we go about assigning AD users to these groups? Is this something where the local system administrator who wants to use our software will have to make compatible groups to match up with the groups we've defined in our software?
Basically, I would like some references, or clarification on the process of giving our internal rights to AD Users / Groups. We're using SQLite to provide an embedded, encrypted Database which holds our internal users/groups/rights.
Thank you!
1 answers
solution1
1 2013-02-28 21:40:41
If you just want to 'clone' the users that exist in the directory server, you can do it with a batch file or powershell (or C# if you prefer) script that just iterates over the directory groups/users and recreates them in their representation in your application.
If you are trying to authenticate via a directory server, and get the user information from the thread identity or from the other authentication mechanisms in .net land, you'll need to get a bit dirty, especially if the directory server software and versions vary from customer to customer.
Which is your goal?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.