KellyLynch
September 18th, 2007, 04:22 AM
I have a code that has been written not by me. It verifies username/password for specified domain, like the following:
IADsOpenDSObject* pDSO;
ADsGetObject("LDAP:", __uuidof(IADsOpenDSObject), (void **)&pDSO);
IDispatchPtr pDisp;
pDSO->OpenDSObject(DNNAme, UserName, Password, DS_SECURE_AUTHENTICATION, &pDisp);
DNNAme is created by translating domain name (it is like MyDepartment.MyCompany.com) from type ADS_NAME_TYPE_CANONICAL into type ADS_NAME_TYPE_NT4 using IADsNameTranslate:
IADsNameTranslate* spNto = NULL;
CoCreateInstance(__uuidof(NameTranslate), NULL, CLSCTX_INPROC_SERVER, __uuidof(IADsNameTranslate), (void **)&spNto);
spNto->InitEx(ADS_NAME_INITTYPE_DOMAIN, bstr_t(psPath), NULL, NULL, NULL);
bstr_t tmp = bstr_t(psPath)+ bstr_t("/");
spNto->Set(ADS_NAME_TYPE_CANONICAL, tmp);
BSTR sServer;
spNto->Get(ADS_NAME_TYPE_NT4, &sServer);
< Them we remove trailing symbol "/" from sServer and append sServer to string "LDAP://">
As a result, the procedure above will generate string "LDAP://MyDepartment" from domain name "MyDepartment.MyCompany.com". This "LDAP://MyDepartment" will be passed into method IADsOpenDSObject::OpenDSObject. The method will work OK.
The question is: why author of the code had to do such translation of domain name? it is possible just append full domain name "MyDepartment.MyCompany.com" to "LDAP://" and pass "LDAP://MyDepartment.MyCompany.com" into IADsOpenDSObject::OpenDSObject. It will work OK too – I tested it. But I have tested it only on one domain I have now; whereas my product will be distributed on various networks and domains. Maybe the trandlation has some sense I do not understand?
IADsOpenDSObject* pDSO;
ADsGetObject("LDAP:", __uuidof(IADsOpenDSObject), (void **)&pDSO);
IDispatchPtr pDisp;
pDSO->OpenDSObject(DNNAme, UserName, Password, DS_SECURE_AUTHENTICATION, &pDisp);
DNNAme is created by translating domain name (it is like MyDepartment.MyCompany.com) from type ADS_NAME_TYPE_CANONICAL into type ADS_NAME_TYPE_NT4 using IADsNameTranslate:
IADsNameTranslate* spNto = NULL;
CoCreateInstance(__uuidof(NameTranslate), NULL, CLSCTX_INPROC_SERVER, __uuidof(IADsNameTranslate), (void **)&spNto);
spNto->InitEx(ADS_NAME_INITTYPE_DOMAIN, bstr_t(psPath), NULL, NULL, NULL);
bstr_t tmp = bstr_t(psPath)+ bstr_t("/");
spNto->Set(ADS_NAME_TYPE_CANONICAL, tmp);
BSTR sServer;
spNto->Get(ADS_NAME_TYPE_NT4, &sServer);
< Them we remove trailing symbol "/" from sServer and append sServer to string "LDAP://">
As a result, the procedure above will generate string "LDAP://MyDepartment" from domain name "MyDepartment.MyCompany.com". This "LDAP://MyDepartment" will be passed into method IADsOpenDSObject::OpenDSObject. The method will work OK.
The question is: why author of the code had to do such translation of domain name? it is possible just append full domain name "MyDepartment.MyCompany.com" to "LDAP://" and pass "LDAP://MyDepartment.MyCompany.com" into IADsOpenDSObject::OpenDSObject. It will work OK too – I tested it. But I have tested it only on one domain I have now; whereas my product will be distributed on various networks and domains. Maybe the trandlation has some sense I do not understand?