Simple code snippets to get AD user information

Simple code snippets to get AD user information

I wrote a small AD snippet just the other day, to check which AD groups a specific AD user was member of.  I needed to check if a user was member of a specific AD group, to enable or disable some “super user” functions in the system management application.

Note that it uses web.wintypes.adstypes which may only be available in XE5 and upwards?

   http://pastebin.com/EYwHUerR

10 thoughts on “Simple code snippets to get AD user information


  1. currently I try to use ‘tokenGroups’, have such code:


    function GetObject(const Name: string): IDispatch;


    var


      BindCtx: IBindCtx;


      Moniker: IMoniker;


      Eaten: Integer;


      Dispatch: IDispatch;


    begin


      Result := nil;


      BindCtx := nil;


      if CreateBindCtx(0, BindCtx) = S_OK then begin


        Moniker := nil;


        if MkParseDisplayName(BindCtx, PWideChar(WideString(Name)), Eaten, Moniker) = S_OK then begin


          Dispatch := nil;


          if Moniker.BindToObject(BindCtx, nil, IADs, Dispatch) = S_OK then


            Result := Dispatch;


        end;


      end;


    end;


    var


      ADs: IADs;


      Groups: array of OleVariant;


    begin


      ADs := GetObject(‘LDAP://’ + sADUserName) as IADs;


      SetLength(Groups, 1);


      Groups[0] := ‘tokenGroups’;


      ADs.GetInfoEx(Groups, 0);


      Groups := ADs.Get(Groups[0]);


    now I have in Groups variable: array of array of bytes, this is SIDs in RAW bytes format,


    how to contert this array’s of bytes to SidStr or PSid for using with LookupAccountSid?