Someone know if it's possible to access the Windows System File through Active Directory in .NET, and how to do it? What I want to do is a application that allow users to access through the web to the Active Directory Server and after a autentification process
allow them to access to de Windows System Files.
What I have found on Internet are examples about getting a list of users and computers, but nothing about getting a list of the files that a user can access on the AD Server.
If anyone knows what I have to do or point me on the right direction, it will be much appreciated.
Sorry, you are looking in the wrong direction. AD has nothing to do with the file system. The only interaction that AD provides with files is that once you access a file, it holds a security descriptor (DACL) that has some access information that can (but
doesn't have to) hold a SID for a domain account. No other domain information is on there and AD is not used for it.
You would need to iterate each file in the system and the SID associated on the DACL to determine who can access what. This does not directly involve AD. Once you had the SID on the DACL, you could conceivably lookup the SID (again, I would not directly use
LDAP services) to put that name into a user friendly format (e.g. LookupAccountSid).
None
0 Points
1 Post
Active Directory Accesing the Windows System File
Feb 25, 2006 05:52 PM|frleonard|LINK
Someone know if it's possible to access the Windows System File through Active Directory in .NET, and how to do it? What I want to do is a application that allow users to access through the web to the Active Directory Server and after a autentification process allow them to access to de Windows System Files.
What I have found on Internet are examples about getting a list of users and computers, but nothing about getting a list of the files that a user can access on the AD Server.
If anyone knows what I have to do or point me on the right direction, it will be much appreciated.
Thanks.
Member
135 Points
1801 Posts
Re: Active Directory Accesing the Windows System File
Feb 27, 2006 10:16 AM|dunnry|LINK
You would need to iterate each file in the system and the SID associated on the DACL to determine who can access what. This does not directly involve AD. Once you had the SID on the DACL, you could conceivably lookup the SID (again, I would not directly use LDAP services) to put that name into a user friendly format (e.g. LookupAccountSid).
Weblog
The Book
LDAP Programming Help