Re: WindowsPrinciple.IsInRole not working with cached info

From: John (john_at_nospam.com)
Date: 01/26/05 

Date: Wed, 26 Jan 2005 13:05:37 -0500

I'm definitely not using the local SAM. I follow most of what you're
saying, but I'm not familiar with "winpric" - I assume you're abreviating
something here, but I'm not catching on.

"William Stacey [MVP]" <staceywREMOVE@mvps.org> wrote in message
news:%23TQEuB9AFHA.1296@TK2MSFTNGP10.phx.gbl...
> I wonder if when disconnected, LogonUser is using the *local SAM to get
the
> WinIdent? Then your call to IsInRole will be looking at local SAM and
group
> may not exist locally. Another idea would be to verify via LogonUser, but
> create GenericID and GenericPrinciple instead of WindowsId/Princ objects.
> You will need to populate the groups yourself in the GP object. You can't
> really return a list from winpric, but you can make required calls to
> winpric to check required groups, then populate the GP. Then just the GP
> and GI, that should work disconnected. The user does not get a GP if it
was
> not a member of the role as you authenticated in your GetGP(string
username,
> string password) method.