vba - 离线检查 Active Directory 组成员身份
vba - Check Active Directory Group Membership Offline
是否可以在 vba 中离线检查 Active Directory 组成员资格?
我已管理在线和离线用户凭证检查(用户名、密码)。
在线 = 到公司域网络(LAN 或 Wifi)的第 3 层连接
离线 = 没有物理网络连接 - 没有 LAN,没有 Wifi
Public Declare Function LogonUser Lib "advapi32" Alias "LogonUserA" _
(ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, _
ByVal dwLogonType As Long, ByVal dwLogonProvider As Long, phToken As Long) As Long
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Public Const LOGON32_PROVIDER_DEFAULT As Long = 0&
Public Const LOGON32_LOGON_INTERACTIVE As Integer = 2&
Public Function ADUserLogin(ByVal strUsername As String, ByVal strPassword As String, _
ByVal strDomain As String) As Boolean
On Error GoTo ADUserLogin_Error
Dim tokenHandle As Long
ADUserLogin = LogonUser(strUsername, strDomain, strPassword, LOGON32_LOGON_INTERACTIVE, _
LOGON32_PROVIDER_DEFAULT, tokenHandle)
CloseHandle tokenHandle
On Error GoTo 0
Exit Function
ADUserLogin_Error:
MsgBox "Error " & Err.Number & " (" & Err.description & ") in procedure ADUserLogin, line " & Erl & "."
End Function
但是它如何用于 Active Directory 组成员?
谨致问候罗尼
我是这样解决的。当用户在线登录时,我检查他属于哪个组并保存它,包括上次登录日期和时间。现在用户有 14 天的时间可以离线登录数据库。
如果在此期间再次连接到该域,我只需再次检查组成员资格并做出相应反应。
如果有人知道更好的方法,我随时欢迎您提出建议。 :-)
Public Function IsMember(ByVal strUsername As String, ByVal strPassword As String, ByVal strGroup As String, Optional ByVal strDomain As String) As Boolean
10 On Error GoTo IsMember_Error
20 If Not Len(strDomain) <> 0 Or IsNull(strDomain) Then
30 strDomain = CreateObject("WScript.Network").UserDomain
40 End If
50 Set objIADS = GetObject("WinNT:").OpenDSObject("WinNT://" & strDomain, strUsername, strPassword, ADS_SECURE_AUTHENTICATION)
60 Set objIADSUser = objIADS.GetObject("user", strUsername)
70 For Each Member In objIADSUser.Groups
80 If Member.Class = "Group" Then
90 If Member.Name = strGroup Then
100 IsMember = True
110 SaveUserMembership strUsername, strGroup, strDomain, Date, Time
120 Exit For
130 End If
140 End If
150 Next
160 On Error GoTo 0
170 Exit Function
IsMember_Error:
180 MsgBox "Error " & Err.Number & " (" & Err.description & ") in procedure IsMember, line " & Erl & "."
End Function
是否可以在 vba 中离线检查 Active Directory 组成员资格?
我已管理在线和离线用户凭证检查(用户名、密码)。
在线 = 到公司域网络(LAN 或 Wifi)的第 3 层连接
离线 = 没有物理网络连接 - 没有 LAN,没有 Wifi
Public Declare Function LogonUser Lib "advapi32" Alias "LogonUserA" _
(ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, _
ByVal dwLogonType As Long, ByVal dwLogonProvider As Long, phToken As Long) As Long
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Public Const LOGON32_PROVIDER_DEFAULT As Long = 0&
Public Const LOGON32_LOGON_INTERACTIVE As Integer = 2&
Public Function ADUserLogin(ByVal strUsername As String, ByVal strPassword As String, _
ByVal strDomain As String) As Boolean
On Error GoTo ADUserLogin_Error
Dim tokenHandle As Long
ADUserLogin = LogonUser(strUsername, strDomain, strPassword, LOGON32_LOGON_INTERACTIVE, _
LOGON32_PROVIDER_DEFAULT, tokenHandle)
CloseHandle tokenHandle
On Error GoTo 0
Exit Function
ADUserLogin_Error:
MsgBox "Error " & Err.Number & " (" & Err.description & ") in procedure ADUserLogin, line " & Erl & "."
End Function
但是它如何用于 Active Directory 组成员?
谨致问候罗尼
我是这样解决的。当用户在线登录时,我检查他属于哪个组并保存它,包括上次登录日期和时间。现在用户有 14 天的时间可以离线登录数据库。
如果在此期间再次连接到该域,我只需再次检查组成员资格并做出相应反应。
如果有人知道更好的方法,我随时欢迎您提出建议。 :-)
Public Function IsMember(ByVal strUsername As String, ByVal strPassword As String, ByVal strGroup As String, Optional ByVal strDomain As String) As Boolean
10 On Error GoTo IsMember_Error
20 If Not Len(strDomain) <> 0 Or IsNull(strDomain) Then
30 strDomain = CreateObject("WScript.Network").UserDomain
40 End If
50 Set objIADS = GetObject("WinNT:").OpenDSObject("WinNT://" & strDomain, strUsername, strPassword, ADS_SECURE_AUTHENTICATION)
60 Set objIADSUser = objIADS.GetObject("user", strUsername)
70 For Each Member In objIADSUser.Groups
80 If Member.Class = "Group" Then
90 If Member.Name = strGroup Then
100 IsMember = True
110 SaveUserMembership strUsername, strGroup, strDomain, Date, Time
120 Exit For
130 End If
140 End If
150 Next
160 On Error GoTo 0
170 Exit Function
IsMember_Error:
180 MsgBox "Error " & Err.Number & " (" & Err.description & ") in procedure IsMember, line " & Erl & "."
End Function