Re: PrincipalPermission Attribute and Nested Groups
From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 04/09/04
- Previous message: [MSFT]: "RE: Get DefaultCredentials of one web app into another?"
- In reply to: Anthony Christianson: "PrincipalPermission Attribute and Nested Groups"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 9 Apr 2004 00:05:48 -0500
This does definitely work. However, there are a few requirements:
- Your AD domain needs to be in 2000 native mode or 2003 functional level
- Group A needs to have the security bit set on the groupType
If both of those are true, you should have no problems. If not, then that
is the problem. If those are both true and it still isn't working, it could
be an issue of having the group name (domain\samAccountName) incorrect.
HTH,
Joe K.
"Anthony Christianson" <achristianson@momentuminteractive.com> wrote in
message news:udxMAHbHEHA.3564@TK2MSFTNGP09.phx.gbl...
> The Issue:
>
> Group A contains Group B
> Group B contains User 1.
>
> I want to check if User 1 is in Group A.
>
>
> This:
> [PrincipalPermission(SecurityAction.Demand,Role="Group A")]
> Fails
>
> This:
> [PrincipalPermission(SecurityAction.Demand,Role="Group B")]
> Succeeds.
>
>
> Since Group B is a memberOf Group A, they both should succeed.
>
> I have tried :
>
> WindowsIdentity identity = WindowsIdentity.GetCurrent();
> WindowsPrincipal principal = new WindowsPrincipal(identity);
> if( principal.IsInRole("Group A"))
> {
> Debug.WriteLine("Yippee");
> }
>
> And this does not work.
>
> Does anyone have a answer as to how I can quickly check to see if User 1
is
> in Group A
>
>
- Previous message: [MSFT]: "RE: Get DefaultCredentials of one web app into another?"
- In reply to: Anthony Christianson: "PrincipalPermission Attribute and Nested Groups"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
