>When a user logs in, sys(0) gives you the userid, in AD terms.
https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ldap/distinguished-names>
>In one app I work on the organization gives us the Distinguished Name (see article above). We store that in the user table. Using the userid (from sys(0)) I then confirm (or not) that the DN matches.
>
>If your customer can live with that (providing the DN for all users of your system) I can send you the relevant code (which uses LDAP for the query). Stuart Dunkeld, on foxite.com, wrote the hard parts. :)
>
>Hank
>
>PS: I wouldn't consider capturing the users AD password. The horror, the horror ...
Not my customer, but I agree, in almost all cases that's a Very Bad Idea.
Regards. Al
"Violence is the last refuge of the incompetent." -- Isaac Asimov
"Never let your sense of morals prevent you from doing what is right." -- Isaac Asimov
Neither a despot, nor a doormat, be
Every app wants to be a database app when it grows up