'Is it possible to check if a user belongs to an AD group without user password?

Is it just me who's finding AD group is very complex? ;-(

I have a web service that only allows a certain number of role groups to have access. Say we allow people within role group 'rGroupA' to have access.

At some point, a user logs on to our web server, and we have the user name. However, we would not like to ask the user to type in the password.

Is it possible for us to know if this user belongs to 'rGroupA' somehow?

Currently, I could logon our LDAP server with my username and password and see the list of groups I am in. However, I could not search for the groups for my colleagues.

I have searched google for a while but haven't found the answer. It could be that I don't understand LDAP mechanism very well.

Many thanks!

active-directoryldap


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

List users from specific groups

.NET Core 6 Windows auth and Active Directory group based permissions

Reading the SECURITY_ENABLED flag of Group in Active Directory

How can I pull Mail Contact groups for each contact with powershell?

Tomcat Manager - Active Directory Authentication

Java: Connect to Active Directory via serverless binding?

What is a more modern .NET library to use with Active Directory than System.DirectoryServices.AccountManagement?

Search Outlook Global Address List Asynchronously

Unable to retrieve cross domain users with get-adgroupmember -recursive

How to Bind asynchronously with LdapConnection

When generating a unique username in Active Directory, numbers do not increment correctly

Powershell Creating Password Expiration Report

Show "Microsoft Active Directory" information table in WordPress

Do we need Active Directory Domain Controller to run any PowerShell commands?

How do I solve error with Active Directory Search using user name