Thank you so much!
>"LDAP://RootDSE" something standard or they should have their own name?
>
>Standard
>
>>LDAP OU = Organizational unit &&unique to the client
>>Ldap DC = Domain Component
>>LPAD CN = Common Name
>>
>>>Thank you, Mike.
>>>
>>>I am wondering what should I ask the customer to provide. Many of the elements in your code are new to me.
>>>Is "LDAP://RootDSE" something standard or they should have their own name?
>>>What is a typical value of "DefaultNamingContext"?
>>>On the line:
>>>>> strOU = "OU=Test,OU=OEB,OU=SAAS-users,"
>>>
>>>What is the OU?
>>>
>>>Thank you.
>>>
>>>>I used this at some point in the past, not sure if it helps
>>>>
>>>>
Procedure verifyIfUserExists(tcUserId)
>>>> Local lcUserId
>>>> lcUserId ='CN='+tcUserId
>>>> objRootLDAP = Getobject("LDAP://RootDSE")
>>>> strDNSDomain = objRootLDAP.Get("DefaultNamingContext")
>>>> strGroup = "CN=oeb-test,"
>>>> strOU = "OU=Test,OU=OEB,OU=SAAS-users,"
>>>> *' Prepare the OU and the Group
>>>> objGroup = Getobject("LDAP://"+ strGroup + strOU + strDNSDomain)
>>>> objOU =Getobject("LDAP://" +strOU + strDNSDomain)
>>>>
>>>> For Each objUser In objOU
>>>> If objUser.Class = Lower("User")
>>>> If objUser.Name = lcUserId
>>>> Return .T.
>>>> Endif
>>>> Endif
>>>> Endfor
>>>> Return .F.
>>>>
>>>> Endproc
>>>>
>>>>
>>>>
>>>>>>>>Hi,
>>>>>>>>
>>>>>>>>In my ASP.NET application, MS .NET Framework has a class that allows to get a user name and email by AD username.
>>>>>>>>
>>>>>>>>Could the same be done in VFP 9?
>>>>>>>>
>>>>>>>>That is, user would enter his/her AD username (e.g. "j_smith") and the VFP application would connect to the AD (using the entered username) and get this user name and email?
>>>>>>>>
>>>>>>>>Let me know if you have done something like this
>>>>>>>>
>>>>>>>>TIA
>>>>>>>
>>>>>>>The approach suggested by Tamar is nice. But the customer won't want my VFP application to SQL Select all records from the AD. Instead they want the application to "know" - or determine - the AD username currently logged into the PC.
>>>>>>>
>>>>>>>That is, suppose when a user logs into his/her PC, they enter the AD username "j_smith" (as an open text) and enter the password (of course, covered with asterisks). Then, they want my VFP application to determine (how is a big question) that the current AD username (logged into the PC) is j_smith.
>>>>>>>
>>>>>>>Is the above possible?
>>>>>>
>>>>>>When a user signs in to on-premises AD, several environment variables are set:
>>>>>>USERDNSDOMAIN
>>>>>>USERDOMAIN
>>>>>>USERNAME
>>>>>>
>>>>>>You could retrieve these with GETENV(). Bear in mind these can be modified by the user so they're not reliable in an adversarial situation.
>>>>>>There are also the old ID( ) and SYS( 0 ) functions. I'm not sure if these return the correct username if the user modifies the environment variables.
>>>>>>
>>>>>>I haven't tested any of the above for a user sign in to Azure Active Directory (AAD), if that applies in your case. I suspect not, since those usernames are of the format
someuser@somedomain.com .
>>>>>
>>>>>Thank you for your message.
>>>>>Now - just this morning (since the customer is in Europe) - I received a new requirement. Now the customer wants a user to enter both the AD username and AD password into my VFP application. And my VFP application to check if this is a valid user. Initially I thought that they would not want a user to enter his/her password into the VFP application.
>>>>>So, I am back to Tamar's link where the VFP application should create a query to the AD and validate a user.
>>>>>I will need to find the name of the AD/SQL Server DB to do that.
"The creative process is nothing but a series of crises." Isaac Bashevis Singer
"My experience is that as soon as people are old enough to know better, they don't know anything at all." Oscar Wilde
"If a nation values anything more than freedom, it will lose its freedom; and the irony of it is that if it is comfort or money that it values more, it will lose that too." W.Somerset Maugham