In my Cocoa app how can I get the current user's domain when they're logged in via Active Directory?
I need to determine two things:
- If the current user is logged on to an Active Directory domain (only need to handle Active Directory).
- If 1, the domain of the user.
I've found references to Directory Services and the Open Directory Programming Guide but the latter is 10.6 only (I must support 10.5+) and I could not find any examples for the former that gave me an idea of what I needed to do.
dsconfigad -show
It will tell whether you are bound to a directory and details about that directory if bound. Then you will know how to script dscl.
I think you can use same idea as here:
Mac OSX: Determing whether user account is an Active Directory user vs. local user using objective-c
you just need to look for Network or Authentication node (it's kODNodeTypeAuthentication type) and query it for kODAttributeTypeRecordName with query value set to current user name. Then look at search result, you'll find many interesting things there :)
You can use this code, but note that I assume that you refer to the user that is running the current application, if you are running as root, it won't work.
In case you run it as root, simply change the NSUserName() in the query to the desired user you wish to query.
std::string getDomainForCurrentUser()
{
ODSession *session = [ODSession defaultSession];
ODNode *node = [ODNode nodeWithSession:session type:kODNodeTypeAuthentication error:NULL];
ODQuery *query = [ODQuery queryWithNode:node forRecordTypes:kODRecordTypeUsers attribute:kODAttributeTypeRecordName matchType:kODMatchEqualTo queryValues:NSUserName() returnAttributes:kODAttributeTypeStandardOnly maximumResults:0 error:NULL];
NSArray *records = [query resultsAllowingPartial:NO error:NULL];
for (ODRecord *record in records)
{
NSArray *recordLines = [record valuesForAttribute:kODAttributeTypePrimaryNTDomain error:nil];
if (recordLines)
{
NSString *domain = [recordLines firstObject];
std::string([domain UTF8String]);
}
}
return "";
}