Re: Check group member ship or a user
From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 02/23/05
- Previous message: Kavitha: "Re: Set CAS for a winform control hosted on a webform"
- In reply to: Sameh Ahmed: "Re: Check group member ship or a user"
- Next in thread: Sameh Ahmed: "Re: Check group member ship or a user"
- Reply: Sameh Ahmed: "Re: Check group member ship or a user"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 23 Feb 2005 12:45:07 -0800
Hello Sameh,
hmm - try
AppDomain.Current.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal) at
the beginning of your App (main)
then afterwards
if (Thread.CurrentPrincipal.IsInRole(".."));
(sorry - only compiled with Omea Reader :)
does that work??
dominick
> Hello Dominick
> Thanks for your time
> it's a windows form application using VB .net
> I do almost the same as you explained below
> Dim s As New
> Security.Principal.WindowsPrincipal(System.Security.Principal.WindowsI
> dentity.GetCurrent)
> MsgBox(s.Identity.Name)
> MsgBox(s.IsInRole("machinename\groupname"))
> and it simply always returns false
> although, there is a group called "groupname" and the machine is
> called
> "machinename"
> any ideas would be really appricated.
> Regards
> Sameh
> "Dominick Baier [DevelopMentor]"
> <dbaier@pleasepleasenospamdevelop.com> wrote in message
> news:eQ$%23do0FFHA.3824@TK2MSFTNGP10.phx.gbl...
>
>> sure!
>>
>> You have to construct a WindowsPrincipal object for that user.
>>
>> What kind of application are we talking about?
>>
>> In Console/WinForms apps you get the current logged on user with
>>
>> WindowsIdentity id = WindowsIdentity.GetCurrent();
>>
>> and then construct a WindowsPrincipal with:
>>
>> WindowsPrincipal principal = new WindowsPrincipal(identity);
>>
>> after that you can call:
>>
>> if (principal.IsInRole(@"DOMAIN\Marketing"))
>> ...
>> i did a talk at WinDev about this topic and you can find the slides
>> and some democode here:
>> http://www.leastprivilege.com/PermaLink.aspx?guid=14fd81b2-dc23-4670-
>> bf04-ad16552083f3
>>
>> ---
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>> nntp://news.microsoft.com/microsoft.public.dotnet.security/
>> HA.2736@TK2MSFTNGP09.phx.gbl>
>>
>> Hello there
>> Is there a way through dotNet to check if a certain user is a member
>> of a
>> specific group?
>> I use ADSI to get the memberships of the user then compare them to
>> the
>> group
>> I want to check, but this way the user has to be a member of this
>> group
>> directly and if he is a member of a group that is a member of that
>> group
>> he
>> will not be considered a member of the group I am checking although
>> he is
>> implicitly.
>> so basically what I need is a method that takes the user name and the
>> group
>> name and check if this user is a member both implicitly or
>> explicitly.
>> Any ideas?
>> Regards
>> Sameh
>> [microsoft.public.dotnet.security]
>>
- Previous message: Kavitha: "Re: Set CAS for a winform control hosted on a webform"
- In reply to: Sameh Ahmed: "Re: Check group member ship or a user"
- Next in thread: Sameh Ahmed: "Re: Check group member ship or a user"
- Reply: Sameh Ahmed: "Re: Check group member ship or a user"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
