stackoom
  简体   繁体   中英

C++ LDAP Checking if a user is a member of a specific group

 原文  2020-07-08 15:06:25       c++/ ldap

Question

Been trying this for a while so far with no success, so hoping someone can help out (and that I'm not far off.). I just want to return whether a user is a member of a specific group through LDAP; So far I have the below code;

int authMethod = LDAP_AUTH_SIMPLE;
LDAP* pLdapConnection = NULL;
ULONG version = LDAP_VERSION3;
ULONG getOptSuccess = 0;
ULONG connectSuccess = 0;
INT returnCode = 0;
int retSearch = 0;
LDAPMessage *res;
int num_entries = 0, num_refs = 0;

pLdapConnection = ldap_init((char*)m_Hostname.GetString(), LDAP_PORT);

returnCode = ldap_set_option(pLdapConnection,
    LDAP_OPT_PROTOCOL_VERSION,
    (void*)&version);


// Connect to the server.
connectSuccess = ldap_connect(pLdapConnection, NULL);

// Bind
returnCode = ldap_bind_s(pLdapConnection, (char*)m_Username.GetString(), (char*)m_Password.GetString(), authMethod);

// Attempt to search for user
retSearch = ldap_search_s(pLdapConnection, "dc=as,dc=local", LDAP_SCOPE_SUBTREE, "(&(sAMAccountName = examplename))", NULL, NULL, &res);

All of this works so far, up until the searching part, for example - I want to search for a user "username" in group "Technical". I've tried things like the below;

retSearch = ldap_search_s(pLdapConnection, "dc=as,dc=local", LDAP_SCOPE_SUBTREE, "(&(sAMAccountName=username)(memberof=CN=Technical))",
    nullptr, 0, &pSearchResult);

That does not return anything, so I've tried searching more and the only thing similar I've found is - LDAP Finding Members of a group PHP but it's in PHP and I cannot seem to transfer that over to C++ so far.

Any help in the right direction would be helpful as I cannot work it out. :-)

1 answers

solution1
 1  2020-07-08 17:35:44

Your filter should be something like:

(&(objectClass=user)(sAMAccountName=yourUserName)
  (memberOf=CN=YourGroup,OU=Users,DC=YourDomain,DC=com))

To include membership due to group nesting:

(&(objectClass=user)(sAMAccountName=yourUserName)
  (memberOf:1.2.840.113556.1.4.1941:=cn=YourGroup,ou=Users,dc=YourDomain,dc=com))

The numbers 1.2.840.113556.1.4.1941 are an extended match.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Windows LDAP group-user checking in C or C++ (or Ada 95) C++ - Checking all member variables for condition LDAP Getting Full user Name C++ Active Directory: Searching Users/Group in LDAP via C++ checking if time is in specific interval in C++? Checking for specific command line arguments in C++ c++ checking an array for a specific range of values? C++ Checking if a user input a valid answer checking user input for right value in C++ Checking for existence of C++ member function, possibly protected
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM