Get User Roles?

[Ivan Gibbs]

In C#, I want to log in a user who has a specific role.
The role was originally "Cashier". However, now
the "Cashier" can be prefixed with anything, such
as "LS_Cashier". Since the role name is not known any
more, how can the user be logged in?

I have been working on getting all the role names and
checking if any contain "Cashier", but I have not found a
way to get a list of the current roles. There was some
discussion of TokenGroups, but this has not lead to a
solution for C#.

Any help would be appreciated.

 

[Joe Kaplan \(MVP - ADSI\)]

What is the type on the IPrincipal that you are checking? If it was a
WindowsPrincipal, the roles would be Windows groups and would be prefixed
with a domain or machine name like domain\cashier. If it isn't a
WindowsPrincipal, then it is likely some other type of IPrincipal that is
created in your code somewhere. If so, then you can probably add a Roles
property to the type and then enumerate them that way.

If it is a WindowsPrincipal, then there are a few options for getting the
groups. The Token property of WindowsIdentity in the Identity object can be
used to call into unmanaged code to get the token groups as SIDs. Then,
more unmanaged code can be used to convert them to names.

If you provide more details, we can help more.

Joe K.

 

[Paul Glavich [MVP ASP.NET]]

Have a look at one of my articles located here
http://aspalliance.com/articleViewer.aspx?aId=553&pId=2 which is the second
page in the article and contains a small routine to look at the roles
contained within a Windows principal object. It will allow you to extract
them into a string array and evaluate them from there.