Ask a Question related to ASP.NET Security, Design and Development.
-
David Jessee #1
WindowsPrincipal.IsInRole() is Being Flaky. Help!!
Its just being inconsistent.
I'm in 3 different Groups in AD.
..IsInRole("Groupx") returns true
..IsInRole("Groupy") returns true
..IsInRole("Groupz") returns FALSE
All of these groups reside in the same location in my AD tree, but for some
reason, the one is returning False.
even stranger, if I do a search for "Groupz" and list out its members
(through DirectoryServices) my account information shows up.
I have no idea why my account is in the group, but that lookup doesn't work
for the group, but it dows for others.
Ideas??
Anyone??
I'm not proud, I'll beg, I'll make cheesecake!
David Jessee Guest
-
isinrole reverts to windowsprincipal?
I'm trying to assign all roles (AD and custom pulled from SQL Table) to users when they login to the app using Windows Authentication. The code... -
WindowsPrincipal.IsInRole() problem with non-builtin roles
Can't get WindowsPrincipal.IsInRole() to work for me when using Windows Authentication. Here's a snippit of code from my C# codebehind page: ... -
CurrentPrincipal, WindowsPrincipal
Hello Friend Please check following Cod Dim x As System.Security.Principal.WindowsPrincipa x = System.Threading.Thread.CurrentPrincipa... -
#9876 [Com]: OCIPLogon flaky after restart Oracle
ID: 9876 Comment by: aferaud at buyingpack dot com Reported By: merrill at missioncriticallinux dot com Status: ... -
Combo box flaky update
On Sat, 28 Jun 2003 11:24:00 +0100, Alex L. James <alex@walton23.freeserve.co.uk> wrote: Please post your code. John W. Vinson Come for... -
Joe Kaplan \(MVP - ADSI\) #2 Re: WindowsPrincipal.IsInRole() is Being Flaky. Help!!
Is the group security enabled? What type of group is it (groupType)?
Joe K.
"David Jessee" <DavidJessee@discussions.microsoft.com> wrote in message
news:9CE609AB-6DCC-4F44-9F34-B2B5E9604529@microsoft.com...> Its just being inconsistent.
>
> I'm in 3 different Groups in AD.
>
> .IsInRole("Groupx") returns true
> .IsInRole("Groupy") returns true
> .IsInRole("Groupz") returns FALSE
>
> All of these groups reside in the same location in my AD tree, but for
> some
> reason, the one is returning False.
>
> even stranger, if I do a search for "Groupz" and list out its members
> (through DirectoryServices) my account information shows up.
>
> I have no idea why my account is in the group, but that lookup doesn't
> work
> for the group, but it dows for others.
>
> Ideas??
> Anyone??
> I'm not proud, I'll beg, I'll make cheesecake!
Joe Kaplan \(MVP - ADSI\) Guest
-
David Jessee #3 Re: WindowsPrincipal.IsInRole() is Being Flaky. Help!!
The Scope is Global, the Group Type is Security.
Okay, folks, I'm gonna up the antie. Anyone want Fudge? Home made!!
"Joe Kaplan (MVP - ADSI)" wrote:
> Is the group security enabled? What type of group is it (groupType)?
>
> Joe K.
>
> "David Jessee" <DavidJessee@discussions.microsoft.com> wrote in message
> news:9CE609AB-6DCC-4F44-9F34-B2B5E9604529@microsoft.com...>> > Its just being inconsistent.
> >
> > I'm in 3 different Groups in AD.
> >
> > .IsInRole("Groupx") returns true
> > .IsInRole("Groupy") returns true
> > .IsInRole("Groupz") returns FALSE
> >
> > All of these groups reside in the same location in my AD tree, but for
> > some
> > reason, the one is returning False.
> >
> > even stranger, if I do a search for "Groupz" and list out its members
> > (through DirectoryServices) my account information shows up.
> >
> > I have no idea why my account is in the group, but that lookup doesn't
> > work
> > for the group, but it dows for others.
> >
> > Ideas??
> > Anyone??
> > I'm not proud, I'll beg, I'll make cheesecake!
>
>David Jessee Guest
-
Joe Kaplan \(MVP - ADSI\) #4 Re: WindowsPrincipal.IsInRole() is Being Flaky. Help!!
Ok, that group should definitely be in the user's token then. Assuming you
definitely have the name correct, the next thing I'd do is a little
exploration on the user's token.
I'd try this reflection code to see what's actually in the user's token:
Function GetRoles(byval identity as WindowsIdentity) as String()
Dim idType As Type
idType = GetType(WindowsIdentity)
Dim result As Object =
idType.InvokeMember("_GetRoles",BindingFlags.Stati c Or
BindingFlags.InvokeMethod Or BindingFlags.NonPublic,Nothing, identity, New
Object() {identity.Token}, Nothing)
Dim roles() As String = DirectCast(result, String())
Return roles
End Function
You can use that to see the actual group list.
The next steps after this involve looking at the user's token to examine the
SIDs directly, but that is less easy.
Joe K.
"David Jessee" <DavidJessee@discussions.microsoft.com> wrote in message
news:61A825F8-D274-47D4-93CE-D788A5D6E5EE@microsoft.com...> The Scope is Global, the Group Type is Security.
>
> Okay, folks, I'm gonna up the antie. Anyone want Fudge? Home made!!
>
> "Joe Kaplan (MVP - ADSI)" wrote:
>>> Is the group security enabled? What type of group is it (groupType)?
>>
>> Joe K.
>>
>> "David Jessee" <DavidJessee@discussions.microsoft.com> wrote in message
>> news:9CE609AB-6DCC-4F44-9F34-B2B5E9604529@microsoft.com...>>>> > Its just being inconsistent.
>> >
>> > I'm in 3 different Groups in AD.
>> >
>> > .IsInRole("Groupx") returns true
>> > .IsInRole("Groupy") returns true
>> > .IsInRole("Groupz") returns FALSE
>> >
>> > All of these groups reside in the same location in my AD tree, but for
>> > some
>> > reason, the one is returning False.
>> >
>> > even stranger, if I do a search for "Groupz" and list out its members
>> > (through DirectoryServices) my account information shows up.
>> >
>> > I have no idea why my account is in the group, but that lookup doesn't
>> > work
>> > for the group, but it dows for others.
>> >
>> > Ideas??
>> > Anyone??
>> > I'm not proud, I'll beg, I'll make cheesecake!
>>
>>
Joe Kaplan \(MVP - ADSI\) Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
