Re: [Setacl-devel] Active Directory Support and my skills
Brought to you by:
helgeklein
Menu
▾
▴
Re: [Setacl-devel] Active Directory Support and my skills
|
From: Kenneth C. <krc...@ms...> - 2003-01-16 14:31:15
|
I have some experience with AD in .NET applications.... mainly in creating/deleting/moving users and modifying attributes, including an object's "memberof" attribute, which is what you would use to add a user to a given security list. So, I may be able to assist with questions on those items. >From: Casey Smith <red...@ya...> >Reply-To: set...@li... >To: set...@li... >CC: hel...@ne... >Subject: [Setacl-devel] Active Directory Support and my skills >Date: Wed, 15 Jan 2003 21:18:05 -0800 (PST) > > > I have written programs in VB using ADSI for Active directory. Now, I >don't know how much of that will over lap into VC++, but I would be willing >to try it or help out in that area. I am not familiar with SDDL strings >though. So until you are to that point I may just have to play the role of >tester. I do know the naming convention for AD very well (e.g. >CN=Someone,OU=Software,OU=Engineering,DC=Microsoft,DC=Com.). If anyone >wants a good reference tool or code for enumerating any of the objects I >can provide that. >I am looking over DSAcls.exe to see what exactly that does so i can get an >idea of what you want to be able to do. >So, I will keep figuring out this program. If someone has a task that I >might be able to do let me know otherwise I will just be waiting. Thanks >Everyone! >Helge: I am going through your code trying to figure everything out and I >have to say that your program is very well commented and written. It has >so far been one of the easiest programs that I have jumped into the middle >of and tried to figure out. > Helge Klein <hel...@ne...> wrote: Active Directory support >_could_ be included in SetACL in >the future (when everything else works ;-). I do know that >it is quite complex; also, there is a tool in the Reskit >called DSAcls.exe that already does the job. I suggest we >talk about this again later. > >NT4-Support: until now I have only come across one function >(regarding SDDL strings) that is not available in NT. We >_could_ drop NT support which would open the path to >exporting AND importing complete security descriptors with >all DACL and SACL settings (as SDDL strings), and enable AD >support. What do you think? > >COM control: Howard, would you like to start with the >control? When I started to work on the main class CSetACL I >implemented the interface to the outside world first - it >should be complete enough by now to be able to build a >control (and a console EXE) around it. My plan was to expose >the public funtions in the control which are all input >functions to pass data to the class. There is, of course, >the need to pass strings back to the calling >class/function/EXE, like detailed error/success/status >messages which might be needed by the caller. I used a >callback function for that purpose to be able to send any >message in realtime while the program is still working. >Example: someone uses the OCX to build a GUI around SetACL. >The user of this GUI wants to create a permission listing of >a large partition which might take a while. Via the callback >function the GUI can display in real time the permissions >that currently processed by SetACL. Is a callback function a >viable way to do it and does it work with COM? > >CVS: I started a new dir/tree called baseclasses for the >main classes. I think it would be wise to use a separate >dir/tree for the OCX and another one for the console UI. > >Helge > > > >--------------------------------- >Do you Yahoo!? >Yahoo! Mail Plus - Powerful. Affordable. Sign up now _________________________________________________________________ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail |
