Re: ActiveDirectory group membership in offline profile
- From: Dominick Baier <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 13 Oct 2006 05:34:53 +0000 (UTC)
Hi,
you only have SIDs, no group names - you can easily check that with:
whoami /groups
you will see local groups
and SIDs for domain groups
---
Dominick Baier, DevelopMentor
http://www.leastprivilege.com
Hi
I have written an application in which I am using AD groups to set the
program permissions.
sample code:
System.Security.Principal.WindowsIdentity ident =
System.Security.Principal.WindowsIdentity.GetCurrent();
System.Security.Principal.WindowsPrincipal prin = new
System.Security.Principal.WindowsPrincipal(ident);
System.Threading.Thread.CurrentPrincipal = prin;
if (prin.IsInRole(@"domain\group"))
{
btnUpdate.Visible = true;
}
when the user is not connected to the network, it is possible to log
on because of the user offline profile.
but than the code doesn't work. because the user has no memberships. I
thougth the group membership will be stored in the offline user
profile too.
what can i do to solve that problem?
thx for help.
Tim
.
- Follow-Ups:
- References:
- Prev by Date: RE: The remote server returned an error: (403) Forbidden in
- Next by Date: Re: The remote server returned an error: (403) Forbidden in
- Previous by thread: ActiveDirectory group membership in offline profile
- Next by thread: Re: ActiveDirectory group membership in offline profile
- Index(es):
Relevant Pages
|
