}

Blog

Lees hier de laatste IGA-ontwikkelingen

LDAP search filter to check if user is member of a group

The member attribute (or memberOf) is a multi-valued DN list. Fortunately, in LDAP the = operator automatically does a "contains" instead of "equals" when dealing with multi-values. So to check if an object is member of a certain group no matter if he/she is member of lots of groups, you can use:

Lees meer

VBScript to read exchange permissions (msexchmailboxsecuritydescriptor)

Since the permissions involving sending and reading mail are stored in different places, you need to read both the AD object permissions as well as the Exchange security descriptor.

Lees meer

VBScript to read Active Directory user permissions (ntsecuritydescriptor)

Reading AD ACLs isn't particularly hard, the hard part is translating the information you get to something useful. The VBScript listed below contains all the constants required for you to do the translation to whatever you like.

Lees meer