Hi All, When I run ANTSProfiler for my program to search and get user¡¯s information from a big domain, I found one very interesting thing. The following two...
What if you check them in the other order? Is it possible that the overhead is primarily in loading the property cache the first time? You might also try...
Hello Joe, I added entry.RefreshCache() before the code to get whenCreated and whenChanged attributes. Now the most time is used for RefreshCache (), this step...
60 seconds is still a LONG time for a cache refresh. It is possible that some of this activity is related to the first time hit associated with priming the...
Hello Joe, The time I mentioned in my message is what I got from ANTSProfiler. It is not only for one user or group. The time was used to get the atttributes...
Hi All, I asked this question before. My application will get the attributes of users and groups from Active Directory and save them as a string in the user...
The "X2" format string is what we use in our book for converting from binary to "octet string" format. I'd suggest using that. The code sample is on the...
Given this structure Active Directory is a Forest - Multiple-Domain with two child domains. All user info is stored in the children not the root. There is a...
Regarding the first question, yes. People do this all the time. If your HR system (or whatever you need to sync to) defines a useful unique identifier, then...
Thanks Joe. I found my problem. Let's say, the last four bytes of a user's objectSid like this: 1, 15, 0, 0. The last four bytes of another user's objectSid...
Hi All, I have been searching the format used to save the objectSid value. The following is what I found: Format 1: public static String BinaryEncodeSid(byte[]...
It is all the exact same data, just represented different ways. The two octet formats (the filter and non-filter versions) are just a binary representation of...
Hi all, I've been approached to develop an intranet application for a company. This intranet will be interfacing with a Active directory setup local to the...
Typically, you would want to either use IIS-based authentication or do some sort of LDAP authentication via a forms auth mechanism. Both are well supported in...
Apologies for jumping on this but Joe, you said something that caught my eye. I talked with developers where I work a bit ago and there seemed to be a lack of...
This is definitely the case. In ASP.NET, this stuff is basically all done for you. When using Windows auth, the Context.User property is populated with a...
Hi Joe / Mike First off, many thanks for your detailed replies :) I've been reading up a bit, and have to say I feel a bit clearer on the matter. From what I...
This sounds reasonable to me. If you want SSO with the intranet, you will need to use Windows authentication. If you want to use AzMan, it might make sense...
Hi Mischa, If you plan on using ADAM to store extra user information (such as roles), wouldn't it be easier to save the user info in SQL instead? This way, you...
Thanks Joe. My problem is solved. Gaoming Fu ... The two ... binary ... produce ... can do ... function called ... same way. ... formats? ... objectSid...
Well, we just heard back from the customer. They didn't want to install ADAM on the server because they thought it required sp2 for windows 2003 and they...
Your client is absurdly wrong. How could ADAM have been shipping for so long if it required SP2? Nutso. Note that AzMan is still an option. You just can use...
Real quick... if you go the SQL route, make sure you store the object's GUID as the reference and not any other attribute. It is the only one that won't come...
I'm not quite sure about how to get the GUID from the object in this case. One thing I'm also having trouble with is finding a reference on how to get the...
Is there any way to script, or using ADSIEdit perhaps, changing the password expiration on a user account so that it would be due to expire within a few days?...
No, you can't change pwdLastSet to a specific value. You can make it be "now" (set it to -1 and the DS will substitute in the value corresponding to "now"),...
Hi, Am very new to this group. I need one help,as my IT dept decided to change the service account password in all desktop (nearly 800)which is divided in to 3...
Update: the tool has been updated, renamed and "resited". The new site is now http://www.ldapeditor.com, and its called ldapeditor; not ldapmanager. Its...
Hello, I am developing my application using VC++6.0. I want to retrieve the members of group using GetObjectAttributes call by passing "member" as an attribute...
Having problems with message search?
Fill out this form to ensure your group is one of the first to be migrated to the new message search system.
