pdanes (8/19/2013)
I'm using xp_logininfo to find which domain group a user belongs to, and manipulate some controls in the application based on the results. I want to enable/disable various controls, depending on the privilege level of a user, so that a particular action is not possible for a user with insufficient privilege, rather than let them try it and have the app berate them them for the attempt.
I'm sorry, I should've said - xp_logininfo doesn't give you the information unless the account or the group that it is in already has access to the instance the application needs to connect to. i.e - wherever you ran xp_logininfo.
However, I guess you answered that - "The group to which he belongs is defined as a login and is mapped to the database".
When a valid AD account doesn't have access to the instance, I think you get no results, but when the AD account doesn't exist is when you generally get the error 'could not obtain information..' So perhaps I don't know. Could it be that you typed in the name and there is a typo?
"Are you telling me that this SP has known incorrect behavior?" - Maybe not anymore. I did not know about the 'all' parameter. I just tried it. It seems to provide information I need. I had only used xp_logininfo 'domain\user' - that I thought was returning inconsistent info. (We have other custom built means of getting permissions information, so I haven't needed/missed xp_logininfo)
EXEC xp_logininfo 'nmp\username', 'members' -> this needs to be EXEC xp_logininfo 'nmp\groupname', 'members'
All in all, for sanity, my first steps would be to check if there was a typo in the name, and if it is not a typo, to check if the user can access the database even though you mentioned his login is mapped to the database.