Re: Parsing Domain Groups with .NET

• Previous message: Pete: "Re: C# Zip"
• In reply to: Aaron Ghadiyali: "Parsing Domain Groups with .NET"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 26 Aug 2003 22:16:39 -0500

If you are using Windows authentication in IIS and ASP.NET and the web
server is a domain member, then you get this for free from the .NET security
infrastructure.

Context.User.IsInRole("mydomain\my group") will return true or false based
on the current logged on user. You can also use Page.User.

The IPrincipal interface doesn't provide you with a means to enumerate the
domain groups though. For that, you need to do LDAP lookups with he
DirectoryEntry class or use P/Invoke to pull the TOKEN_GROUPS structure from
the user's token (available from the WindowsIdentity class which is the
IIdentity member of the IPrincipal) and resolve the SIDs into names via
P/Invoke or LDAP lookups.

HTH,

Joe K.

"Aaron Ghadiyali" <aghadiyali@atlantaregional.com> wrote in message
news:009501c36bfb$7c143bd0$a501280a@phx.gbl...
> Hello,
> I need to be able to get the Domain Groups that a domain
> authenicated user is in when they login/navigate through
> an ASP.NET application. For example, if Aaron is in the
> groups DOMAIN Admins and SQL DBA's, I want to be able to
> get that info (Domain Admins and SQL DBA's) on the groups
> they are in with .NET somehow. Does anyone know of an
> object I can use or tap into this/Active Directory like
> that?
>

• Previous message: Pete: "Re: C# Zip"
• In reply to: Aaron Ghadiyali: "Parsing Domain Groups with .NET"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]