问题描述
在 vba 中是否可以离线检查 Active Directory 组成员身份?
在线 = 到公司域网络(LAN 或 Wifi)的第 3 层连接
离线 = 没有物理网络连接 - 没有 LAN,没有 Wifi
Public Declare Function logonUser Lib "advapi32" Alias "logonUserA" _
(ByVal lpszUsername As String,ByVal lpszDomain As String,ByVal lpszPassword As String,_
ByVal dwlogonType As Long,ByVal dwlogonProvider As Long,phToken As Long) As Long
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Public Const logoN32_PROVIDER_DEFAULT As Long = 0&
Public Const logoN32_logoN_INteraCTIVE As Integer = 2&
Public Function ADUserLogin(ByVal strUsername As String,ByVal strPassword As String,_
ByVal strDomain As String) As Boolean
On Error GoTo ADUserLogin_Error
Dim tokenHandle As Long
ADUserLogin = logonUser(strUsername,strDomain,strPassword,logoN32_logoN_INteraCTIVE,_
logoN32_PROVIDER_DEFAULT,tokenHandle)
CloseHandle tokenHandle
On Error GoTo 0
Exit Function
ADUserLogin_Error:
MsgBox "Error " & Err.Number & " (" & Err.description & ") in procedure ADUserLogin,line " & Erl & "."
End Function
但是它对 Active Directory 组成员身份有何作用?
亲切的问候罗尼
解决方法
我已经解决了如下。当用户在线登录时,我检查他属于哪个组并保存它,包括上次登录的日期和时间。现在,用户有 14 天的时间离线登录数据库。
如果在此期间再次连接到域,我只需再次检查组成员身份并做出相应的反应。
如果有人知道更好的方法,我总是乐于提供建议。 :-)
Public Function IsMember(ByVal strUsername As String,ByVal strPassword As String,ByVal strGroup As String,Optional ByVal strDomain As String) As Boolean
10 On Error GoTo IsMember_Error
20 If Not Len(strDomain) <> 0 Or IsNull(strDomain) Then
30 strDomain = CreateObject("WScript.Network").UserDomain
40 End If
50 Set objIADS = GetObject("WinNT:").OpenDSObject("WinNT://" & strDomain,strUsername,strPassword,ADS_SECURE_AUTHENTICATION)
60 Set objIADSUser = objIADS.GetObject("user",strUsername)
70 For Each Member In objIADSUser.Groups
80 If Member.Class = "Group" Then
90 If Member.Name = strGroup Then
100 IsMember = True
110 SaveUserMembership strUsername,strGroup,strDomain,Date,Time
120 Exit For
130 End If
140 End If
150 Next
160 On Error GoTo 0
170 Exit Function
IsMember_Error:
180 MsgBox "Error " & Err.Number & " (" & Err.description & ") in procedure IsMember,line " & Erl & "."
End Function