Re: How to determine if the logged on user is in a group
- From: Dominick Baier [DevelopMentor] <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 29 Dec 2005 13:47:30 -0800
By the way the MY is a new object in VB net 2005. You can use it with things like MY.user It gives you the currently logged in user that is using your
i know - i meant i am not sure what it does under the cover because i haven't checked yet... :)
that's what i just did...
ok - i would not recommend My.User
before you can use My.User you have to call
My.User.InitializeWithWindowsUser()
which sets Thread.CurrentPrincipal to new WindowsPrincipal(WindowsIdentity.GetCurrent())
afterwards properties like Name and IsAuthenticated are just forwarded to Thread.CurrentPrincipal
A big problem i see is that only the string and WindowsBuiltInRole overload for IsInRole is present.
WindowsPrincipal.IsInRole is much more powerful. Especially support for Wellknown SIDs...
But hey - if MY.User provides all the functionality you ever gonna need - thats fine :)
just my 2cents
--------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.com
Thanks Dominic, I think the problem is not in my code. I saw that isinrole works with domains OK but I just found that when I ran the whoami.exe /groups the custom groups that Bob belongs to on the DC do not appear in his membership list although he is a member of these groups. Only 15 groups appear when I run Whoami, One custom group on the local workstation and all built-in groups on the DC. I now think I have to find out why thed groups don't appear in the workstation. I just tested whoami for the same user on the DC and the custom groups I created do not appear in the list there either. By the way the MY is a new object in VB net 2005. You can use it with things like MY.user It gives you the currently logged in user that is using your app. My.appsettings lets you get application specific setting from the config file etc.. Its easier than it was which is a good thing :-) But some things don't work as advertised :-( oh well, what else is new :-) If anyone can give me hint how to solve this thing I would really appreciate it.
Bob
"Dominick Baier [DevelopMentor]" <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:4580be63182b6f8c7dad184c2a5c1@xxxxxxxxxxxxxxxxxxxxx
Hi, don't know what My.. exactly does.. but this works (i assume this is a desktop app)
WindowsIdentity id = WindowsIdentity.GetCurrent(); WindowsPrincipal p = new WindowsPrincipal(id);
if (p.IsInRole(@"Domain\SomeGroup")) Console.WriteLine("You are member of some group"); IsInRole works with domain accounts.
--------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.comSorry if this is a bit of crosspost. I'm using VS2005 and VB.net. I have a DC W2K that has a user group I created, MyUsers, I put existing User Bob in that group. I need in my VB app to determine if the currently logged on user is a member of that group. I tried using my.user.isinrole("MyUsers") but I'm told that that only looks at the local user groups, not the domain user groups. (not sure if this is correct) because I gan get the domain name from my user, no problem. In any case, to test that, I added a local user group to my WinXp workstation MyUsers and put user Bob (the domain user account) in the local MyUsers group.
Still the code does not work. However when using built-in groups like administrators the isinrole function works fine. So it seems there must be a different way to find out if a user is part of a custom group.
Does anyone know of a bit of code that lets you verify if the currently logged on user is a member of a group on a domain or on the local computer?
I'm at my wits end and I really would appreciate any help.
Bob
.
- References:
- Prev by Date: Re: CAPICOM 3DES + System.Security.Cryptography in .NET
- Next by Date: Re: CAPICOM 3DES + System.Security.Cryptography in .NET
- Previous by thread: Re: How to determine if the logged on user is in a group
- Index(es):
Relevant Pages
|
