SCRIPTING ANSWERS: Who's with Whom
By Don Jones, Contributing Editor
Here's a little trick with the Active Directory Services Interface
(ADSI) WinNT provider. And pay attention: The WinNT provider
works great with Active Directory domains, as well as local
computer user accounts and groups!
Let's say you have a user name in variable sUser, and a group
name in sGroup. You want to know if sUser is a member of
sGroup or not (a handy trick for logon scripts, for example).
Start by using ADSI to get a reference to each object:
Dim oUser, oGroup, sUser, sGroup
sUser = "Don"
sGroup = "Domain Users"
Set oUser = GetObject("WinNT://MyDomain/" & _
sUser & ",user")
Set oGroup = GetObject("WinNT://MyDomain/" & _
sGroup & ",group")
Here's the cool bit, which isn't available with Active Directory's
native LDAP provider, but which works dandy with the WinNT provider:
If oGroup.IsMember(oUser.aDSPath) Then
'He's a member
Else
'Not in the club
End If
You can also shortcut this; here's the entire example:
Dim oGroup, sGroup
sGroup = "Domain Users"
Set oGroup = GetObject("WinNT://MyDomain/" & _
sGroup & ",group")
If oGroup.IsMember(("WinNT://MyDomain/" & _
sUser & ",user") Then
'He's a member
Else
'Not in the club
End If
A quick and easy way to check group membership.
Brak komentarzy:
Prześlij komentarz