1. David Pylatuk
  2. PowerBuilder
  3. Monday, 29 January 2024 20:26 PM UTC

Calling NetUserGetGroups from PowerBuilder,

 

Does anyone have a working example of how to call this from PowerBuilder?

 

Thanks in advance.

John Fauss Accepted Answer Pending Moderation
  1. Tuesday, 30 January 2024 00:17 AM UTC
  2. PowerBuilder
  3. # 1

Hi, David - 

It appears that you and Ed are doubling up on this question (which really isn't necessary, by the way), so I will repeat this response in the other thread.

I've never called this WinAPI function before, but in looking at the Windows documentation, it looks like it can be called with null arguments, and this affects how the function is called from PB. Therefore, I have a couple of questions:

1. Are you wanting to run this function on the local server (where the app is running) or on a remote (non-local) server?

2. Are you wanting only the names of the groups (the GROUP_USER_INFO_0 structure) or the names and attribute flags (the GROUP_USER_INFO_1 structure)?

I'm willing to try and figure out how to get the information into a PB app once I hear back from you, but please know that I have a limited amount of free time at home in the evening in which to tackle this, as my employer understandably does not want to pay me for working on other people's problems. Once I hear back from either/both of you, I'll see what I can come up with.

Best regards, John

Comment
There are no comments made yet.
Chris Pollach @Appeon Accepted Answer Pending Moderation
  1. Tuesday, 30 January 2024 00:34 AM UTC
  2. PowerBuilder
  3. # 2

Hi David;

   My STD Framework has all the AD interaction capabilities built in. Here is a presentation that I gave at a PB conference that explains how it works...

https://sourceforge.net/projects/stdfndclass/files/Presentations/Active%20Directory

BTW: the framework is free & open source so please adapt any code that helps you in this quest.

Regards... Chris

Comment
There are no comments made yet.
Chris Pollach @Appeon Accepted Answer Pending Moderation
  1. Tuesday, 30 January 2024 19:45 PM UTC
  2. PowerBuilder
  3. # 3

Hi David;

  Here are the various functions in the "nc_active_directory_master" Custom User Object within the STD Framework for AD interaction  ...

Regards .. Chris

Comment
There are no comments made yet.
John Fauss Accepted Answer Pending Moderation
  1. Friday, 2 February 2024 02:05 AM UTC
  2. PowerBuilder
  3. # 4

In case anyone following this thread is interested, I have figured out how to call the NetUserGetGroups Windows API function from PB and obtain the results. Had a little problem getting it to work in 64-bit, but it is working now. The small attached app contains a non-visual object to obtain the information and the window illustrates how to use the NVO.

Attachments (1)
Comment
  1. yakov werde
  2. Thursday, 21 March 2024 14:22 PM UTC
Thanks very much for this example.

This approach provides an array of direct group memberships.

We need to know the group ownership in order to find out whether a user has the right to do something,

The list provided by the cmd command: WhoAmi /groups has the necessary information



The suggested approach I discovered is to use the token / SID way (e.g. using ::OpenProcessToken, ::GetTokenInformation and ::LookupAccountSid)

https://stackoverflow.com/questions/55450955/why-does-the-winapi-function-netusergetlocalgroups-not-return-all-groups



Any examples for this type of process?



Thanks

=Yakov



  1. Helpful
  1. John Fauss
  2. Thursday, 21 March 2024 15:08 PM UTC
Hi, Yakov - It's nice to hear from you!

I do not have any such example(s). Since WhoAmI is a command/console program, I suggest you try using the "RunAndCapture" object function of Roland's n_runandwait non-visual object in his "RunAndWait" free code example:

https://www.topwizprogramming.com/freecode_runandwait.html

I tried it and it appears to successfully capture the console output of a "whoami /groups" command, which you can then parse and extract the needed information.
  1. Helpful
There are no comments made yet.
David Pylatuk Accepted Answer Pending Moderation
  1. Tuesday, 30 January 2024 14:57 PM UTC
  2. PowerBuilder
  3. # 5

Hi John,

 

The user will be running a PowerServer application. I need to check if the user is in a particular Active Directory group in the app before letting them proceed to connect to a particular environment.

 

Thanks for your help

Comment
  1. Armeen Mazda @Appeon
  2. Tuesday, 30 January 2024 16:52 PM UTC
If it is a PowerServer application, take a look at the Azure AD tutorial: https://docs.appeon.com/ps2022r3/Using_Azure_Active_Directory_service.html

You want to keep the client app only making HTTP calls. So best to do it on the server side and then call your PowerServer Web API to get the validation (token).
  1. Helpful 1
There are no comments made yet.
David Pylatuk Accepted Answer Pending Moderation
  1. Tuesday, 30 January 2024 15:00 PM UTC
  2. PowerBuilder
  3. # 6

Hi Chris,

Thanks for this. Can you point me to the location in the code where you retrieve the AD groups that are granted to a user please?

 

I have done some searching on NetUserGetGroups and did not find it, this is the call I was expecting to see.

 

Thank you.

Comment
  1. Chris Pollach @Appeon
  2. Tuesday, 30 January 2024 19:42 PM UTC
Hi David;

Have a look at the "nc_active_directory_master" object in the "STD_FC_Base.pbl" HTH

Regards ... Chris

  1. Helpful 1
There are no comments made yet.
David Pylatuk Accepted Answer Pending Moderation
  1. Wednesday, 31 January 2024 19:48 PM UTC
  2. PowerBuilder
  3. # 7

Thank you Chris

Comment
There are no comments made yet.
David Pylatuk Accepted Answer Pending Moderation
  1. Wednesday, 31 January 2024 19:49 PM UTC
  2. PowerBuilder
  3. # 8

Thanks Armeen

Comment
There are no comments made yet.
David Pylatuk Accepted Answer Pending Moderation
  1. Friday, 2 February 2024 19:02 PM UTC
  2. PowerBuilder
  3. # 9

This is great John, thank you.

This will make life easier....

I am having one issue with your code though. When declaring the external functions I receive two errors.

 

REF os_group_users_info_1 dest

REF os_group_users_info_0 dest

 

Both produce errors complaining about unknown data type, I searched your code and can not find these referenced anywhere else? I am using Windows 10 PB2022 R3. Any thoughts? Thank you.

 

Comment
  1. John Fauss
  2. Friday, 2 February 2024 23:24 PM UTC
Hi, David -

Apologies for the late response, as I have driving to another state to attend a wedding.

Both structures are internal, local object structures defined and contained within the non-visual object (the “os_” prefix is Hungarian notation for “object structure”).

If you are not familiar with the mechanics on how to view an object structure in the Painter, just Edit Source and you’ll see their definitions near the top of the source code. Both structures are very simple, but the member data types must be as I have coded them for them to work in 64-bit (PowerServer).
  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.