This project has moved. For the latest updates, please go here.

Collection site isolation and trying to use GroupSID

Sep 11, 2015 at 4:04 PM

i'm trying to use LDAP with user groupSID and it doesn't seem to work is it supported right now ? (my guess would be not).

Also i'm trying to use "customLDAP" to implement isolation (so user from AD group on current site can't add other groups) by overriding SetLDAPConnections and using dynamic value in DirectoryEntry is it the right way to do it ?
Oct 9, 2015 at 2:03 PM
no, using SID is not possible.
Regarding your isolation scenario, I think it's technically possible, but I don't know if there won't be side effects, e.g. if LDAPCP is running in context of application pool account itself (privilege elevation), or called in a process you don't expect (like in OWSTimer for example).