Citrix Storefront – Adventures in customization – Query group membership from aspx

Citrix Storefront – Adventures in customization – Query group membership from aspx

2017-05-15
/ /
in Blog
/

I’ve written a script that can tie into your environment for Storefront or other web service.  This is preferable over the powershell HTTP listener (IMHO) because it can just run on the IIS server and doesn’t need to rely on any external program/service.  It’s a simple script to pull out whether a user is a part of a group or not.  However, it does require impersonation to be able query Active Directory if your environment does not allow anonymous queries (I believe most do not).  Impersonation will make the request come from the machine account, which typically does have authorization to query AD.

In order to set this up, I’ve created a web application in IIS with impersonation set.

NOTE: this was run on a Server 2016 box.  If your System.DirectoryServices assembly has a different version and public key you will need to update this script with that information.

This script does the following: “Create application pool”


 

“Add Web App”

And the “appcmd set config” creates our web.config file:

And the GroupMembership.aspx file:

To call the file, it’s the %hostname%\ADInfo\GroupMembership.aspx?DisplayName=%username%

For example:

 

And then we just modify our script.js to point to this URL instead:

 

Post a Comment

Your email address will not be published. Required fields are marked *

*