Re: User.IsInRole
From: Alan Roberts (alan.roberts@icm-computer.co.uk)
Date: 12/11/02
- Next message: Alan Roberts: "Re: WindowsPrincipal.IsInRole()"
- Previous message: Peter Erikson: "Re: Checking security at startup?"
- In reply to: Frank Racis: "Re: User.IsInRole"
- Next in thread: Larry Hastings: "Re: User.IsInRole"
- Reply: Larry Hastings: "Re: User.IsInRole"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Alan Roberts" <alan.roberts@icm-computer.co.uk> Date: Wed, 11 Dec 2002 10:37:19 -0000
If I have to use BUILTIN for predefined groups how can I check if I am a
member of the local Administrators group on another machine on the network
(ie not the one that I am running the code on)?
At a slightly different tangent, how can I tell if I am a member of the
Domain Admins group on another domain? For instance we have 2 domains ABC
and XYZ that have a 2 way trust between them. I log on to ABC with my
username alan ie ABC\alan. ABC\alan is a member of the Administrators local
group on domain XYZ which is in turn a member of the XYZ\Domain Admins
group. Running an IsInRole on ABC\alan for the XYZ\Domain Admins group
however returns false not true. Why is this?
Cheers
Alan
"Frank Racis" <frank.racis@smed.com> wrote in message
news:e1V4oKyICHA.1636@tkmsftngp10...
> That didn't work for me. I needed to use "BUILTIN\\Administrators" (with
a
> capital A). The IsInRole check is case sensitive on the entire string,
> both the machine/domain name and the user name. From some quick testing,
> the machine/domain is always uppercase, and the group is however it's
> entered in user manager.
>
> I'm wondering whether this should be reported as a bug. Everywhere else
in
> Windows, the names of users, groups, and domains are case-insensitive.
> Having them case-sensitive for this call just seems wrong.
>
> -Frank
>
> "Willy Denoyette [MVP]" <willy.denoyette@pandora.be> wrote in message
> news:u$4PHRHHCHA.2248@tkmsftngp04...
> > Administrators is a builtin group, use this "BUILTIN\\administrators"
for
> administrators and other predefined groups.
> > Use "machine\\userdefinedgroup" for user defined groups (where machine
> stands for amachinename or domain name).
> >
> > Willy.
> >
> > "Colin" <colinjwhite74@hotmail.com> wrote in message
> news:10be801c218c5$9f912a30$9be62ecf@tkmsftngxa03...
> > > I have the following setup:
> > > -IIS Security = NT Authentication
> > > -web.config = <identity impersonate = "true" />
> > >
> > > running "Response.Write(User.Identity.Name)"
> > > will return (mydomain\login)
> > >
> > > I am an admin on the machine. If I run
> > > "Response.Write(User.Isinrole("Administrators"))"
> > > it returns false
> > >
> > > I am ultimately trying to block visibility and disable
> > > certain controls based on the user. I have a "Managers"
> > > group on the webserver, but I cannot seem to get my app
> > > to recognize that the user is part of this group using
> > > the above method. ???????????? Can anyone shed some more
> > > light on how to go about this? Thanks :)
> >
> >
>
>
- Next message: Alan Roberts: "Re: WindowsPrincipal.IsInRole()"
- Previous message: Peter Erikson: "Re: Checking security at startup?"
- In reply to: Frank Racis: "Re: User.IsInRole"
- Next in thread: Larry Hastings: "Re: User.IsInRole"
- Reply: Larry Hastings: "Re: User.IsInRole"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
