Hi all,
Ive added a few Active Directory Extended Rights to our dev AD similar to the exchange send-as right. Ive got my own objectclasses and I have applied the new rights to these classes. Now I would like to programmatically check access for an impersonated
user.
So what I have so far.
- Ive got a users AccessToken (through impersonation).
- I can read the binary SID from the object.
- I have the GUID of the extended right.
I would like to use AccessCheck() or similar function to verify the rights.
In simple terms I would like to have the following function
bool ADExtRightsAccessCheck(<br/>
<span style="white-space
re IntPtr accessToken,<br/>
<span style="white-spacere Guid extendedRightToCheck, <br/>
<span style="white-spacere SecurityIdentifier sid);
If I understand the MSDN doc for AccessCheck() right then I cant use this function. What should I use?
Regards Johan!
View the full article
Ive added a few Active Directory Extended Rights to our dev AD similar to the exchange send-as right. Ive got my own objectclasses and I have applied the new rights to these classes. Now I would like to programmatically check access for an impersonated
user.
So what I have so far.
- Ive got a users AccessToken (through impersonation).
- I can read the binary SID from the object.
- I have the GUID of the extended right.
I would like to use AccessCheck() or similar function to verify the rights.
In simple terms I would like to have the following function
bool ADExtRightsAccessCheck(<br/>
<span style="white-space
re IntPtr accessToken,<br/><span style="white-space
re Guid extendedRightToCheck, <br/><span style="white-space
re SecurityIdentifier sid); If I understand the MSDN doc for AccessCheck() right then I cant use this function. What should I use?
Regards Johan!
View the full article