function Authenticate_LDAP(void)

$Insert LOGICAL

/*  equates for the base registry keys */
equ HKEY_CLASSES_ROOT$     to 0x80000000
equ HKEY_CURRENT_USER$     to 0x80000001
equ HKEY_LOCAL_MACHINE$    to 0x80000002
equ HKEY_USERS$            to 0x80000003
equ HKEY_PERFORMANCE_DATA$ to 0x80000004
equ HKEY_CURRENT_CONFIG$   to 0x80000005
equ HKEY_DYN_DATA$         to 0x80000006
equ KEY_QUERY_VALUE$	   to 0x0001
equ ERROR_SUCCESS		   to 0x0000

Declare subroutine Set_Property.Net, Utility, RegQueryValueEx, Msg, Create_User, RTI_Create_User_Details
Declare Subroutine Set_Property
Declare function   Active_Directory_Services, RegOpenKeyEx, RTI_GetNetworkUserName, RegCloseKey
Declare Function   Database_Services

Log = @AppId<1>
Oswrite Log to 'D:\Temp\auth.txt'

     Authenticated = False$
	Options       = 0
	SamDesired    = KEY_QUERY_VALUE$
	KeyHandle     = 0
	Hkey          = HKEY_LOCAL_MACHINE$
	SubKey        = "SYSTEM\CurrentControlSet\Services\Tcpip\Parameters":\00\
	Stat          = 0
	Null       = ''
	LockVariable KeyHandle as Long
	Stat          = RegOpenKeyEx(Hkey, SubKey, Options, SamDesired, KeyHandle)
	If Stat = ERROR_SUCCESS Then
	  Domain = str(\00\, 512)
	  Reg_SZ = 1
	  CbBuf  = 512
	  Key    = "Domain":\00\
	  RegQueryValueEx(KeyHandle, Key, 0, Reg_SZ, Domain, CbBuf)
	  Domain = Domain[1, CbBuf - 1]
	end
	rv = RegCloseKey(KeyHandle)
    
    UserADName   = RTI_GetNetworkUserName()
    UserADGroups = Active_Directory_Services('GetADGroups', UserADName, Domain)
    **SSOInfo      = Database_Services('ReadDataRow', 'SYSENV', 'CFG_LOGIN*':@AppId<1>)
    *SSOErrorMsg  = SSOInfo<9>
    *SSOADGroups  = Field(SSOInfo, @FM, 2, 3)
    SSOADGroups = Database_Services('ReadDataRow', 'SYSENV', 'SSO*LSL2')
    
    For GroupIndex = 3 to 1 Step -1
        SSOADGroup = SSOADGroups<GroupIndex>
        If InList(UserADGroups, SSOADGroup, @FM) then
            @UserName     = UserADName
            SecurityLevel = GroupIndex - 1
            @Admin        = SecurityLevel
            Authenticated = True$
            Set_Property( "SYSTEM", "LOGININFO" , 'LSL2':@FM:UserADName:@FM:'')
        end
    Until Authenticated
    Next GroupIndex
    
    Swap 1 With 'True' In Authenticated
    Swap 0 With 'False' In Authenticated
    Log := ', Authenticated ':Authenticated
    Oswrite Log to 'D:\Temp\auth.txt'
    
    If Not(Authenticated) then
        Msg(@Window, 'SSO Error')
        Utility('DESTROY', 'SYSTEM')
    End
    
Return