D
Dominick Baier
you have to query roles in the DOMAIN\GroupName format...
---
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
nntp://news.microsoft.com/microsoft.public.dotnet.framework.aspnet.security/<[email protected]>
Hi,
I'm trying to do something that I think should be pretty easy, take the user who is authenticated with the application (intranet application/ integrated windows authentication), and determine if they are in "this group".
Before, I had queried active directory, got the list of groups for the user and compared, but then I realized that the IsInRole Function may actually work in this case. I tried it and it doesn't seem to be working correctly. Here is what I've tried so far.
I'm impersonating in my application, so I tried this....didn't work
Dim blah As WindowsPrincipal = New WindowsPrincipal(System.Security.Principal.WindowsIdentity.GetCurrent())
If blah.IsInRole("Domain Admins") = True Then
'is a domain admin
End If
Then I tried this:
If HttpContext.Current.User.IsInRole("Domain Admins") = True Then
'is a domain admin
End If
Still didn't return true (I am a member of this group too!) Am I missing something here, or so I just go back to querying active directory myself for group membership?
Thanks for any help!
--Michael
[microsoft.public.dotnet.framework.aspnet.security]
---
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
nntp://news.microsoft.com/microsoft.public.dotnet.framework.aspnet.security/<[email protected]>
Hi,
I'm trying to do something that I think should be pretty easy, take the user who is authenticated with the application (intranet application/ integrated windows authentication), and determine if they are in "this group".
Before, I had queried active directory, got the list of groups for the user and compared, but then I realized that the IsInRole Function may actually work in this case. I tried it and it doesn't seem to be working correctly. Here is what I've tried so far.
I'm impersonating in my application, so I tried this....didn't work
Dim blah As WindowsPrincipal = New WindowsPrincipal(System.Security.Principal.WindowsIdentity.GetCurrent())
If blah.IsInRole("Domain Admins") = True Then
'is a domain admin
End If
Then I tried this:
If HttpContext.Current.User.IsInRole("Domain Admins") = True Then
'is a domain admin
End If
Still didn't return true (I am a member of this group too!) Am I missing something here, or so I just go back to querying active directory myself for group membership?
Thanks for any help!
--Michael
[microsoft.public.dotnet.framework.aspnet.security]