User.IsInRole() fails if user in too many groups?

From: Dan Kahler (dan.kahler@digex.com)
Date: 01/09/03


From: "Dan Kahler" <dan.kahler@digex.com>
Date: Wed, 8 Jan 2003 18:23:25 -0500


(I've seen references to this previously, but I haven't been able to find
any definitive documentation of this problem.)

My IsInRole() checks return false for ALL membership checks if a given
Windows account is in too many groups. I know it's related to the number of
groups - I've used debug code to echo IsInRole() membership checks, and
watched results change after I incrementally added a domain user to
additional local groups. All the IsInRole() checks begin to fail once the
user is in XX local groups. (The user is also in numerous AD groups, so I
haven't been able to find the specific number that's acting as a ceiling,
and don't know if the problem is specific to local groups).

It's bizarre - IsInRole() correctly identifies membership in both local and
domain accounts, and then if I add the user to one additional local group
(arbitrary group name), it returns False for checks on any specified group.

Context.User.IsInRole("DOMAIN\MyGroup") returns True, and then once I add
the user to one more local group, Context.User.IsInRole("DOMAIN\MyGroup")
suddenly returns False. I spent forever trying to pin this on a code or
capitalization problem before I tracked it to the number of group
memberships.

I've been using the WindowsPrincipal.IsInRole() function since the early
betas (2001), and this is the first time I've been bitten by this. I'm
using v1.0 of the runtime - anyone know if there's a planned fix for v1.1?

Thanks for any corroboration!
Dan Kahler


