I am currently working on a project where I need to query Active Directory to determine group membership of a user. I initially was locating the user and retrieving the memberOf attribute. The problem with this is that there is a domain and a child domain. The groups are universal groups so they can be used in both domains and they don't show up in the memberOf attribute. Unfortunately there doesn't seem to be much info around for Active Directory access with C++. Is there anyway to determine group membership in this case in C++?
Determining Cross Domain Active Directory Group Membership
1.5k Views Asked by thecaptain0220 At
1
There are 1 best solutions below
Related Questions in C++
- How to immediately apply DISPLAYCONFIG_SCALING display scaling mode with SetDisplayConfig and DISPLAYCONFIG_PATH_TARGET_INFO
- Why can't I use templates members in its specialization?
- How to fix "Access violation executing location" when using GLFW and GLAD
- Dynamic array of structures in C++/ cannot fill a dynamic array of doubles in structure from dynamic array of structures
- How do I apply the interface concept with the base-class in design?
- File refuses to compile std::erase() even if using -std=g++23
- How can I do a successful map when the number of elements to be mapped is not consistent in Thrust C++
- Can std::bit_cast be applied to an empty object?
- Unexpected inter-thread happens-before relationships from relaxed memory ordering
- How i can move element of dynamic vector in argument of function push_back for dynamic vector
- Brick Breaker Ball Bounce
- Thread-safe lock-free min where both operands can change c++
- Watchdog Timer Reset on ESP32 using Webservers
- How to solve compiler error: no matching function for call to 'dmhFS::dmhFS()' in my case?
- Conda CMAKE CXX Compiler error while compiling Pytorch
Related Questions in ACTIVE-DIRECTORY
- Is there any way to set a printer as default according with Active Directory Policy Security Group and PC hostname?
- Dropdown list showing SQLServer2005SQLBrowserUser$DONSERVER instead of Active Directory group name in ASP.NET MVC C#
- Connecting to SQL Server and performing BULK INSERT from Linux Container
- Running wmi queries as a non-admin user on a remote machine using C#
- How can we make an environment specific Token-based authorization using Ping Token?
- Reuse SSL certificate from the personal certificate store across services such as RDP and Federated Sign In
- Adding user in AD using powershell
- Netbox in docker LDAP authentication
- PowerShell Script Install-ADDSDomainController Error
- Get username of logged in user while using Domain Admin privileges
- Populate Simple AD from LDAP
- Python LDAP3 Changing Account Values
- Powershell - Exporting MemberOf to csv file from active directory
- Filtering users from a CSV then removing those filtered users from specific security groups with Powershell
- Nested Expression in Powershell returning part of Expression
Related Questions in GROUP-MEMBERSHIP
- Powershell Script to Split data in a cell and print them in different rows
- LDAP query for checking group membership using C#
- How to read the computer security token to get group membership
- Azure AD dynamic groups membership
- How to export all AD Group Members using PowerShell?
- How do I generate the list of AD group memberships for each user from a list of AD user accounts?
- Remove Multiple Users from All AD Groups with PowerShell
- Add all Security Groups to multiple computer objects
- powershell - Remove all "ForeignSecurityPrincipals" from AD Groups selected by SID
- Unable to cast object of type 'Microsoft.Graph.GroupMembersCollectionWithReferencesPage' to type 'Microsoft.Graph.Group'
- Get user group memberships from SID
- Export members of multiple groups
- Azure AD B2C Group Membership Custom policy
- How to add a security group as a member of another security group in Azure AD B2C tenant?
- MS Graph SDK: How to add URL segment to filter for specific member type?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
If you are using managed C++, you can use UserPrincipal.GetAuthorizationGroups.
If you are not using managed C++, to solve this particular problem, you should bind to Global Catalog and do a LDAP search on the member attribute of the group object to find out which Universal Group containing the user. You should limit your search by specifing the groupType, objectCategory and objectClass.
However, like I mentioned in another post , group enumeration in general is very hard to do it right. If you just need to find out all the groups a user belongs to, your best bet is to use S4USelf