Identifying user in Windows group

T

Tapi

Hello,

I am using Visual SourceSafe to work on a project in a team of three.

I have created a Windows group caleed "Application_MO" on my machine and
added my Windows login to it.

However, when I run the code below, the answer is always "KO" i.e. I am not
identified as belonging to the "Application_MO" group. What could be the
problem?

If HttpContext.Current.User.IsInRole("Application_MO") Then
Response.Write("User exists")

Else

Response.Write("<font color=red>KO<font color>")



Thanks in advance



TJ
 
M

Mark Rae

If HttpContext.Current.User.IsInRole("Application_MO") Then
Response.Write("User exists")

Else

Response.Write("<font color=red>KO<font color>")
Click to expand...

Do this:

Response.Write(HttpContext.Current.User.Identity.Name)

so that you know who ASP.NET thinks the current user is...
 
T

Tapi

I have done that and it correctly identifies me.

However, the problem still remains of finding out if I belong to the said
group in Windows.

Help!
 
M

Mark Rae

I have done that and it correctly identifies me.
OK.

However, the problem still remains of finding out if I belong to the said
group in Windows.
Click to expand...

Might it be simply that the ASPNET account doesn't have sufficient
permissions to query the ActiveDirectory...?

Below is an extremely simple but very effective C# method I use for
determining whether a given user is in a given group - it shouldn't be too
difficult to convert it into VB.NET - you'll need to reference the
System.DirectoryServices namespace...

public static bool IsUserInGroup(string pstrDomain, string pstrUser, string
pstrGroup)
{
DirectoryEntry objADEntry = null;
DirectoryEntry objUser = null;
DirectoryEntry objGroup = null;

try
{
objADEntry = new DirectoryEntry("WinNT://" + pstrDomain + ",domain");
objUser = objADEntry.Children.Find(pstrUser, "user");
objGroup = objADEntry.Children.Find(pstrGroup, "group");
return (bool) objGroup.Invoke("IsMember", new object[]
{objUser.Path.ToString()});
}
catch (Exception)
{
throw;
}
finally
{
if (objGroup != null)
{
objGroup.Close();
objGroup.Dispose();
objGroup = null;
}
if (objUser != null)
{
objUser.Close();
objUser.Dispose();
objUser = null;
}
if (objADEntry != null)
{
objADEntry.Close();
objADEntry.Dispose();
objADEntry = null;
}
}
}
 
T

Tapi

Thanks, I will trying that after the "translation" to VB.
Mark Rae said:
I have done that and it correctly identifies me.
OK.

However, the problem still remains of finding out if I belong to the said
group in Windows.
Click to expand...

Might it be simply that the ASPNET account doesn't have sufficient
permissions to query the ActiveDirectory...?

Below is an extremely simple but very effective C# method I use for
determining whether a given user is in a given group - it shouldn't be too
difficult to convert it into VB.NET - you'll need to reference the
System.DirectoryServices namespace...

public static bool IsUserInGroup(string pstrDomain, string pstrUser, string
pstrGroup)
{
DirectoryEntry objADEntry = null;
DirectoryEntry objUser = null;
DirectoryEntry objGroup = null;

try
{
objADEntry = new DirectoryEntry("WinNT://" + pstrDomain + ",domain");
objUser = objADEntry.Children.Find(pstrUser, "user");
objGroup = objADEntry.Children.Find(pstrGroup, "group");
return (bool) objGroup.Invoke("IsMember", new object[]
{objUser.Path.ToString()});
}
catch (Exception)
{
throw;
}
finally
{
if (objGroup != null)
{
objGroup.Close();
objGroup.Dispose();
objGroup = null;
}
if (objUser != null)
{
objUser.Close();
objUser.Dispose();
objUser = null;
}
if (objADEntry != null)
{
objADEntry.Close();
objADEntry.Dispose();
objADEntry = null;
}
}
}
Click to expand...
 
J

Juan T. Llibre

Public Shared Function IsUserInGroup(pstrDomain As String, pstrUser As String, pstrGroup
As String) As Boolean

Dim objADEntry As DirectoryEntry = Nothing
Dim objUser As DirectoryEntry = Nothing
Dim objGroup As DirectoryEntry = Nothing

Try
objADEntry = New DirectoryEntry("WinNT://" + pstrDomain + ",domain")
objUser = objADEntry.Children.Find(pstrUser, "user")
objGroup = objADEntry.Children.Find(pstrGroup, "group")
Return CBool(objGroup.Invoke("IsMember", New Object() {objUser.Path.ToString()}))
Catch Else
Throw
Finally
If Not (objGroup Is Nothing) Then
objGroup.Close()
objGroup.Dispose()
objGroup = Nothing
End If
If Not (objUser Is Nothing) Then
objUser.Close()
objUser.Dispose()
objUser = Nothing
End If
If Not (objADEntry Is Nothing) Then
objADEntry.Close()
objADEntry.Dispose()
objADEntry = Nothing
End If
End Try
End Function 'IsUserInGroup

Courtesy of "C# To VB .NET Source Code Converter":
http://www.eggheadcafe.com/articles/cstovbweb/converter.aspx

It took about 3 seconds to get that code converted... ;-)

You might want to check it for errors,
but at least the grunt work is done for you.





Tapi said:
Thanks, I will trying that after the "translation" to VB.

Mark Rae said:
I have done that and it correctly identifies me.
OK.

However, the problem still remains of finding out if I belong to the said
group in Windows.
Click to expand...

Might it be simply that the ASPNET account doesn't have sufficient
permissions to query the ActiveDirectory...?

Below is an extremely simple but very effective C# method I use for
determining whether a given user is in a given group - it shouldn't be too
difficult to convert it into VB.NET - you'll need to reference the
System.DirectoryServices namespace...

public static bool IsUserInGroup(string pstrDomain, string pstrUser, string
pstrGroup)
{
DirectoryEntry objADEntry = null;
DirectoryEntry objUser = null;
DirectoryEntry objGroup = null;

try
{
objADEntry = new DirectoryEntry("WinNT://" + pstrDomain + ",domain");
objUser = objADEntry.Children.Find(pstrUser, "user");
objGroup = objADEntry.Children.Find(pstrGroup, "group");
return (bool) objGroup.Invoke("IsMember", new object[]
{objUser.Path.ToString()});
}
catch (Exception)
{
throw;
}
finally
{
if (objGroup != null)
{
objGroup.Close();
objGroup.Dispose();
objGroup = null;
}
if (objUser != null)
{
objUser.Close();
objUser.Dispose();
objUser = null;
}
if (objADEntry != null)
{
objADEntry.Close();
objADEntry.Dispose();
objADEntry = null;
}
}
}
Click to expand...
Click to expand...
 
J

Juan T. Llibre

And that includes internet latency, too!

;-)

I suspect the actual processing time is well under 1/10 second.
 
T

Tapi

Thanks a lot for the conversion.

However, I have tried my code on an XP workstation and it works. I am using
a Windows 2000 workstation. Could it be that I need to install something
(Service pack/:NET addin...) that will enable the code to work?

I have service pack 4 installed.


Juan T. Llibre said:
Public Shared Function IsUserInGroup(pstrDomain As String, pstrUser As String, pstrGroup
As String) As Boolean

Dim objADEntry As DirectoryEntry = Nothing
Dim objUser As DirectoryEntry = Nothing
Dim objGroup As DirectoryEntry = Nothing

Try
objADEntry = New DirectoryEntry("WinNT://" + pstrDomain + ",domain")
objUser = objADEntry.Children.Find(pstrUser, "user")
objGroup = objADEntry.Children.Find(pstrGroup, "group")
Return CBool(objGroup.Invoke("IsMember", New Object() {objUser.Path.ToString()}))
Catch Else
Throw
Finally
If Not (objGroup Is Nothing) Then
objGroup.Close()
objGroup.Dispose()
objGroup = Nothing
End If
If Not (objUser Is Nothing) Then
objUser.Close()
objUser.Dispose()
objUser = Nothing
End If
If Not (objADEntry Is Nothing) Then
objADEntry.Close()
objADEntry.Dispose()
objADEntry = Nothing
End If
End Try
End Function 'IsUserInGroup

Courtesy of "C# To VB .NET Source Code Converter":
http://www.eggheadcafe.com/articles/cstovbweb/converter.aspx

It took about 3 seconds to get that code converted... ;-)

You might want to check it for errors,
but at least the grunt work is done for you.





Thanks, I will trying that after the "translation" to VB.

Mark Rae said:
I have done that and it correctly identifies me.

OK.

However, the problem still remains of finding out if I belong to the said
group in Windows.

Might it be simply that the ASPNET account doesn't have sufficient
permissions to query the ActiveDirectory...?

Below is an extremely simple but very effective C# method I use for
determining whether a given user is in a given group - it shouldn't be too
difficult to convert it into VB.NET - you'll need to reference the
System.DirectoryServices namespace...

public static bool IsUserInGroup(string pstrDomain, string pstrUser, string
pstrGroup)
{
DirectoryEntry objADEntry = null;
DirectoryEntry objUser = null;
DirectoryEntry objGroup = null;

try
{
objADEntry = new DirectoryEntry("WinNT://" + pstrDomain + ",domain");
objUser = objADEntry.Children.Find(pstrUser, "user");
objGroup = objADEntry.Children.Find(pstrGroup, "group");
return (bool) objGroup.Invoke("IsMember", new object[]
{objUser.Path.ToString()});
}
catch (Exception)
{
throw;
}
finally
{
if (objGroup != null)
{
objGroup.Close();
objGroup.Dispose();
objGroup = null;
}
if (objUser != null)
{
objUser.Close();
objUser.Dispose();
objUser = null;
}
if (objADEntry != null)
{
objADEntry.Close();
objADEntry.Dispose();
objADEntry = null;
}
}
}
Click to expand...
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Identifying current user 6
Style Tag Problem 1
Properly using directorysearcher to find a user in an AD Group 3
Determine if user is in AD group 11
Create user Wizard / Login Control 2
[ANN] San Diego .NET USer Group meeting Feb 22 2005, "Developing for Longhorn" with Mickey Williams 0
.net user permissions in IIS 2
Login failed for user '(null)' 5

Members online

Total: 49 (members: 3, guests: 46)
Robots: 216

Forum statistics

Threads
473,997
Messages
2,570,241
Members
46,831
Latest member
RusselWill

Latest Threads

Top