Results 1 to 3 of 3
  1. #1
    Lounger
    Join Date
    Jan 2005
    Location
    Orange, California, USA
    Posts
    33
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Create AD user session programmatically (VB6/Active Directory)

    I have code that checks to see who is logged on to the Win2K session. What I need is to be able to re-log that user as someone else at runtime. This is the code to check the current user:

    Public Property Get CurrentUser() As String

    Dim usr As String

    Set wshnet = CreateObject("wscript.network")

    usr = wshnet.UserName

    CurrentUser = usr

    End Property

    I have an application published in a Citrix session. This VB6 app accesses an Access 2K2 database on another server. They want to restrict NDFS rights to the folder containing this Access DB to only one user. The idea is, in the Citrix session, I would like to re-log the user programmatically to another account that has access to see this folder.

  2. #2
    Super Moderator
    Join Date
    Aug 2001
    Location
    Evergreen, CO, USA
    Posts
    6,613
    Thanks
    3
    Thanked 58 Times in 58 Posts

    Re: Create AD user session programmatically (VB6/Active Directory)

    I hope you have sorted this issue out by now, but just in case here's my <img src=/S/2cents.gif border=0 alt=2cents width=15 height=15>. Our usual approach to this kind of thing is to actually track who is making changes to the database, so we don't want to have a single userID. The reason is we want to identify users who are poorly trained, or who are accidentally or deliberatly misusing it. But the bottom line with any Access database is that the user must have full permissions on both the file and the folder it resides in. Otherwise Jet has no way of handling record locking, so it opens it exclusively. In general we set full permissions for everyone - so there isn't a huge admin issue. What is the underlying reason for wanting to only have one userID have permissions?
    Wendell

  3. #3
    Lounger
    Join Date
    Jan 2005
    Location
    Orange, California, USA
    Posts
    33
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Create AD user session programmatically (VB6/Active Directory)

    Good morning Wendell,

    We haven't really resolved the problem in as much as gotten temporary permission for our data security officer to allow full rights like you indicated to the directory. The concern is hacking and protecting our information in this database, so our concern is at the NTFS file system not with JET. I should say our challenge is with the NTFS file system as we have obviously secured the database already. The end result is we want the code to be able to see the directory, but if the user mapped a drive to it, they couldn't access it. Since we are part of an Active Directory domain, we would need to, in code, use another account that could access this NTFS restricted folder, thus opening the door so Jet could see the database. I hope I didn't make this too confusing, and I understand what I'm asking for is a very tall order.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •