I have 3rd party application using AD LDS to store its hierarchical data and I need to provide web UI in ASP.NET MVC for this system. It is using DACLs on directory entries to control users' access permissions for individual entries.
I have found few good articles explaining how to read ActiveDirectoryAccessRules for DirectoryEntry but I cannot find any good way to calculate effective permissions for specific user. Is there any supporting Microsoft API or library available or I need to invent my own way?
Reference URLs for people investigating on similar subjects:
