Blocked, Active Directory and security stuff

Huh, it is the painful 1:06am by the time I came to write this post. In the past few days I need to build a wrapper object for Active Directory. The wrapper object is to interface my code (yet to write) and ADSI. The objective is to:

1. Read/Write my AD class instance
2. Determine whether the AD is read only
3. Determine whether the current user has the privilege to write to a particular object.

Call myself bad luck or simply under estimated the complexity of AD. I have been trying this for 3 days and still couldn't even create the AD class I wanted using ADSI Edit. It is indeed a painful shame yet I still couldn't have any breakthrough. I find myself hopeless. By the way, my work is one day past due and I still have little progress. gee I'm in trouble. :-(

Anyway, anyhow, my log of the day is: little progress, but I do have plan for tomorrow:

1. Get myself a private domain:
- Setup a Win2k3 domain myself and create schema there. Since the private domain I borrowed from colleague doesn't really work (the way I expected).

2. Trying to get access privilege on a DS object:

- call GetNamedSecurityInfo to get the ppSecurityDescriptor
- use AccessCheck to determine whether writing is granted to the current user.
- If all attempt failed and the light of hope dims, try win32prg for help

3. Trying to know whether the DS is read only.

- Search for ADS_READONLY_SERVER in existing code base and see how it's used. Rob had done something similar and I just need to borrow the work from him...

4. Test, try to finish it as soon as possible and move the heck on.