Working on a ColdFusion app that would let designated users add/delete members of Distribution Groups in AD. Have run into a problem with the way our AD is set up.
Our company and AD is divided up in what we call regions, so within AD, users are members of the group that corresponds to their region. The problem is all the Distribution Groups are listed under the root domain users group, so the idea of being able to filter distribution lists based on the region of the user just went out the door. Additionally, within each region, we have facilities (hospitals) and all the distribution list names begin with the facility names and they vary in length. For instance, within the Oahu region, we have facilities name Leahi and Maluhia, distribution lists for those facilities begin with the same name.
My dilemma is trying to figure out how to filter the distribution lists a user has access to.
From AD I can get the users region, i.e. Oahu, I can then use that to populate a pull down menu from a SQL table that contains the facilities within that region, the user selects the facility and I use that value to parse the distribution list names and then populate a grid or table with the distribution lists for that facility from an AD query. I'm trying to avoid as much as possible creating additional SQL tables for this relying on AD as much as possible, however our AD structure is going to require some SQL tables that would need to be maintained, just want to keep that to a minimum.
Does that sound like the best approach, or does anyone else have a cleaner way of doing it?