Authenticating Users with Active Directory in Access?

[Todjk]

I am facing an issue with my Access development that I
despriately need assistance with.

I am going to be developing custom security within my
Access application where I would like the user to be able
to be initially greeted with a username and password
dialog when they first log in.

However, due to the fact that my users complain of too
many passwords already, I seek code that I can use to have
the authenticate themselves against my Windows 2000 Active
Directory.

I wish to be able to use Active Directory so they change
their passwords in an single area AND if, for some reason,
they are "disabled" in AD, that values can be returned so
that my code can disable their access.

Does such code exist? Please advise.

Todd

 

[TC]

I know nothing about AD. But, googling on "active directory apis" (including
the qutoes) shows various hits.

If you are not using Access security, what is to stop any user from linking
to your database tables, & adding/changing/deleting the data, bypassing your
application completely?

HTH
TC

 

[Todd J. Knapp]

Hey, TC. Thanks for the reply.

I use SQL as my backend, so it is using AD permissions. I
should be pretty safe there.

Curious, what does the "apis" mean in your "active
directory apis" search parameter?

Thanks!

Todd

 

[Graham Mandeno]

Hi Todd

APIs are Application Programming Interfaces - sets of routines, usually in
DLLs (dynamic linked libraries) by which your program can call code in
another application or component of the operating system.

 

[Todd J. Knapp]

Thank you, Graham, for your e-mail.

I understand now what he meant. Thank you.

My dilemma is that I'm not proficient in this area at
all. It sounds like it could possibly be done with some
effort and time. That's what I have going against me
right now.

In an ideal world, I wonder if there is a "cut and dried"
way of going about this?

Another thing that would be great is to determine, through
these API's, is to find out what AD Security Groups that
an Authenticating user is a part of. For instance, if
code can determine that a user is a member of accounting,
code can be wrote to either grant or deny privileges.

Is this possible/conceivable?

Thanks again!

Todd

-----Original Message-----
Hi Todd

APIs are Application Programming Interfaces - sets of routines, usually in
DLLs (dynamic linked libraries) by which your program can call code in
another application or component of the operating system.

--
Good Luck!

Graham Mandeno [Access MVP]
Auckland, New Zealand

Hey, TC. Thanks for the reply.

I use SQL as my backend, so it is using AD permissions. I
should be pretty safe there.

Curious, what does the "apis" mean in your "active
directory apis" search parameter?

Thanks!

Todd

any
user from linking returned
so

.

 

[Graham Mandeno]

Hi Todd

I'm sorry, I'm not an expert on AD, and this is not the best forum to ask
these questions. You might like to try one of the following newsgroups (or
crosspost to both):
microsoft.publib.active.directory.interfaces
microsoft.public.windows.server.active_directory

--
Good Luck!

Graham Mandeno [Access MVP]
Auckland, New Zealand

Thank you, Graham, for your e-mail.

I understand now what he meant. Thank you.

My dilemma is that I'm not proficient in this area at
all. It sounds like it could possibly be done with some
effort and time. That's what I have going against me
right now.

In an ideal world, I wonder if there is a "cut and dried"
way of going about this?

Another thing that would be great is to determine, through
these API's, is to find out what AD Security Groups that
an Authenticating user is a part of. For instance, if
code can determine that a user is a member of accounting,
code can be wrote to either grant or deny privileges.

Is this possible/conceivable?

Thanks again!

Todd

-----Original Message-----
Hi Todd

APIs are Application Programming Interfaces - sets of routines, usually in
DLLs (dynamic linked libraries) by which your program can call code in
another application or component of the operating system.

--
Good Luck!

Graham Mandeno [Access MVP]
Auckland, New Zealand

Hey, TC. Thanks for the reply.

I use SQL as my backend, so it is using AD permissions. I
should be pretty safe there.

Curious, what does the "apis" mean in your "active
directory apis" search parameter?

Thanks!

Todd


-----Original Message-----
I know nothing about AD. But, googling on "active
directory apis" (including
the qutoes) shows various hits.

If you are not using Access security, what is to stop any
user from linking
to your database tables, & adding/changing/deleting the
data, bypassing your
application completely?

HTH
TC


message
I am facing an issue with my Access development that I
despriately need assistance with.

I am going to be developing custom security within my
Access application where I would like the user to be
able
to be initially greeted with a username and password
dialog when they first log in.

However, due to the fact that my users complain of too
many passwords already, I seek code that I can use to
have
the authenticate themselves against my Windows 2000
Active
Directory.

I wish to be able to use Active Directory so they change
their passwords in an single area AND if, for some
reason,
they are "disabled" in AD, that values can be returned
so
that my code can disable their access.

Does such code exist? Please advise.

Todd


.

.