<% Dim oUser 'LDAP object holding user info Dim oDSP 'Directory Service Provider Dim sPWD 'CN's password parameter Dim sRoot 'Holds the root of the LDAP object Dim sDN 'Distinguished Name of authenticating account Dim sLDAPsrv 'LDAP server Dim sIsAuthorized 'Holds status of user authorization CONST ADS_SECURE_AUTHENTICATION = &H0001 CONST ADS_USE_ENCRYPTION = &H0002 CONST ADS_USE_SSL = &H0002 CONST ADS_READONLY_SERVER = &H0004 CONST ADS_NO_AUTHENTICATION = &H0010 CONST ADS_FAST_BIND = &H0020 CONST ADS_USE_SIGNING = &H0040 CONST ADS_USE_SEALING = &H0080 CONST ADS_USE_DELEGATION = &H0100 CONST ADS_SERVER_BIND = &H0200 sLDAPsrv = ".itc.virginia.edu" sRoot = "LDAP://" & sLDAPsrv & "/" & "cn=,ou=Groups,o=University of Virginia,c=US" sDN = "cn=,ou=Special Users,o=University of Virginia,c=US" sPWD = "" ' Set the userid here. ' Statement to be used when actually using Netbadge (commented out for now): ' sUserToBeAuthorized = Request.ServerVariables("HTTP_PUBCOOKIE_USER") ' Statement to read in data passed through the http url (as this example does) sUserToBeAuthorized = Request.QueryString("HTTP_PUBCOOKIE_USER") 'Set directory service provider Set oDSP = GetObject("LDAP:") 'Set the LDAP object query On Error Resume Next Set oUser = oDSP.OpenDSObject(sRoot,sDN,sPWD,ADS_USE_SSL + ADS_FAST_BIND) If Err.Number <> 0 Then Response.Write("Error: " & Err.Number & " " & Err.description & "
") End If 'Populate the user property cache oUser.GetInfo ' Display the object properties Response.Write("There are " & oUser.PropertyCount & " properties ") Response.Write("for " & oUser.AdsPath & "
") 'Iterate through available group attributes (Included Here So You Can See How To Look At All Group Properties) For count = 0 to (oUser.PropertyCount-1) sAttribName = oUser.Item(CInt(count)).Name sAttribVal = oUser.Get(sAttribName) If IsArray(sAttribVal) Then For Each sMultiVal in oUser.GetEx(sAttribName) sAttribList = sAttribList & sAttribName & Space(16-Len(sAttribName)) & ":: " & sMultiVal & "
" Next Else sAttribList = sAttribList & sAttribName & Space(16-Len(sAttribName)) & ": " & sAttribVal & "
" End If Next 'Iterate through membership list to see if our user is authorized sIsAuthorized = "false" 'set default value to false - user is not authorized sAttribName = "memberUid" 'memberUid value contains the user computing id sAttribVal = oUser.Get(sAttribName) ' If the group contains more than one member, iterate through the array If IsArray(sAttribVal) Then For Each sMember in oUser.GetEx(sAttribName) If (StrComp(sMember,sUserToBeAuthorized) = 0 )Then sIsAuthorized = "true" End If Next ' If the group contains only one member, check that member Elseif (StrComp(sAttribVal,sUserToBeAuthorized) = 0) Then sIsAuthorized = "true" End If Response.Write(sAttribList) Response.Write("User to be authorized is: " & sUserToBeAuthorized & "
") Response.Write("User is authorized: " & sIsAuthorized) 'Clean up set oDSP=Nothing set oUser=Nothing %>