[Setacl-devel] Active Directory Support and my skills
Brought to you by:
helgeklein
From: Casey S. <red...@ya...> - 2003-01-16 05:18:10
|
I have written programs in VB using ADSI for Active directory. Now, I don't know how much of that will over lap into VC++, but I would be willing to try it or help out in that area. I am not familiar with SDDL strings though. So until you are to that point I may just have to play the role of tester. I do know the naming convention for AD very well (e.g. CN=Someone,OU=Software,OU=Engineering,DC=Microsoft,DC=Com.). If anyone wants a good reference tool or code for enumerating any of the objects I can provide that. I am looking over DSAcls.exe to see what exactly that does so i can get an idea of what you want to be able to do. So, I will keep figuring out this program. If someone has a task that I might be able to do let me know otherwise I will just be waiting. Thanks Everyone! Helge: I am going through your code trying to figure everything out and I have to say that your program is very well commented and written. It has so far been one of the easiest programs that I have jumped into the middle of and tried to figure out. Helge Klein <hel...@ne...> wrote: Active Directory support _could_ be included in SetACL in the future (when everything else works ;-). I do know that it is quite complex; also, there is a tool in the Reskit called DSAcls.exe that already does the job. I suggest we talk about this again later. NT4-Support: until now I have only come across one function (regarding SDDL strings) that is not available in NT. We _could_ drop NT support which would open the path to exporting AND importing complete security descriptors with all DACL and SACL settings (as SDDL strings), and enable AD support. What do you think? COM control: Howard, would you like to start with the control? When I started to work on the main class CSetACL I implemented the interface to the outside world first - it should be complete enough by now to be able to build a control (and a console EXE) around it. My plan was to expose the public funtions in the control which are all input functions to pass data to the class. There is, of course, the need to pass strings back to the calling class/function/EXE, like detailed error/success/status messages which might be needed by the caller. I used a callback function for that purpose to be able to send any message in realtime while the program is still working. Example: someone uses the OCX to build a GUI around SetACL. The user of this GUI wants to create a permission listing of a large partition which might take a while. Via the callback function the GUI can display in real time the permissions that currently processed by SetACL. Is a callback function a viable way to do it and does it work with COM? CVS: I started a new dir/tree called baseclasses for the main classes. I think it would be wise to use a separate dir/tree for the OCX and another one for the console UI. Helge --------------------------------- Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now |