0

I am trying to find if a user I identify is a member of the local Administrators group.

But my code does nothing...

Please see me code below.

Also, this is being executed in my public void Form1_Load(object sender, EventArgs e) {} so it is done every time at application start up.

        string localUser = WindowsIdentity.GetCurrent().Name.ToString();
        char[] trimmingsEnd = { 'a', 'd', 'm', 'i', 'n' };
        string trimmedlocalEnd = localUser.TrimEnd(trimmingsEnd);
        char[] trimmingsFront = { 'C', 'o', 'm', 'p', 'u', 't', 'e', 'r', '\\' };
        string trimmedlocalUser = trimmedlocalEnd.TrimStart(trimmingsFront);

        WindowsIdentity windowsIdentity = new WindowsIdentity(trimmedlocalUser);
        WindowsPrincipal principal = new WindowsPrincipal(windowsIdentity);
        bool IsAdmin = principal.IsInRole("BUILTIN\\" + "Administrators");
             if (IsAdmin == false)
                 MessageBox.Show("not part of admin");
             if (IsAdmin == true)
                 MessageBox.Show("part of admin");
crlic306
  • 35
  • 5

2 Answers2

0

If the program is compiling without any issues then it may be that the event handler is not setup for Form1_Load().

You may have to add to the Form1.Designer.cs file something like:

this.Load += new System.EventHandler(Form1_Load);

Let me know if this helps.

J T
  • 71
  • 1
  • 2
  • 5
  • It is loading...well should be. I have other items like Settings and a UAC checker and they load fine with no errors. – crlic306 Oct 24 '14 at 01:55
  • If you edit your answer and add 4 spaces in front of your code, it will format as code. Welcome to Stack Overflow! – DanM7 Oct 24 '14 at 01:58
  • I would debug and test whether the code in Form1_Load() is being reached. – J T Oct 24 '14 at 02:04
  • So upon debug, The WindowsIdentity line loads...and does not execute any lines below it. WindowsPrincipal and below are not even touched. I just want to make sure...my code IS correct, correct? I have been researching this all day now and my code looks like others I have seen to be correct. – crlic306 Oct 24 '14 at 02:46
  • Is it throwing an exception? Try putting a try/catch block around and see if it catches anything. The trimmedlocalUser string may not be a correct windows username. Try replacing it with just your windows username and see if that works, e.g. new WindowsIdentity("crlic306"); I used your code and it worked fine. The only difference was that I used Replace() instead of TrimEnd() and TrimStart(). – J T Oct 24 '14 at 02:53
  • I changed WindowsIdentity windowsIdentity = new WindowsIdentity(trimmedlocalUser); to WindowsIdentity windowsIdentity = WindowsIdentity.GetCurrent(); and now the code works perfect...but I DO NOT want the current user, I want to tell which username to check if they are an part of the admin group. Does anyone have any ideas on how to do this? My only concern is i need to delete the word "admin" from the CurrentUser name. Ex.: crlic306admin I need to check if crlic306 is part of the admin group. – crlic306 Oct 24 '14 at 02:59
  • No go...thanks for the assistance though. I believe the issue is I am trying to tell WindowsIdentity to look at a STRING...any string I try all has the same result. I am going to look into that and post my findings. – crlic306 Oct 24 '14 at 03:17
0

So, I ditched the method above, as all I could find is the current user...but I needed to search for two user names in the local administrators group.

The following code worked perfectly for what I needed! Hope this helps someone.

//Get all users from the local Administrators group and create list
            DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName);
            DirectoryEntry admGroup = localMachine.Children.Find("administrators", "group");
            object members = admGroup.Invoke("members", null);
            List<string> userList = new List<string>();
//Get current user
            string localUser1 = WindowsIdentity.GetCurrent().Name.ToString();
//Take domain name off
            char[] trimmingsFront = { 'D', 'O', 'M', 'A', 'I', 'N', '\\' };
            string trimmedlocalFront = localUser1.TrimStart(trimmingsFront);
//Take "admin" off username
            char[] trimmingsEnd = { 'a', 'd', 'm', 'i', 'n' };
            string trimmedlocalUser = trimmedlocalFront.TrimEnd(trimmingsEnd);
//Add each local Administrator to list
            foreach (object groupMember in (IEnumerable)members)
            {
                DirectoryEntry member = new DirectoryEntry(groupMember);
                userList.Add(member.Name);
            }
//Check if users are not part of list
            if (!(userList.Contains(trimmedlocalFront)))
                MessageBox.Show(trimmedlocalFront + " is not a member of the local Administrators group. The drag and drop functionality will not work unless " + trimmedlocalFront + " is a member of the local Administrators group. After " + trimmedlocalFront + " is added, please restart your machine for the changes to take effect.", "Local Administrator Warning", MessageBoxButtons.OK, MessageBoxIcon.Stop);
            else if (!(userList.Contains(trimmedlocalUser)))
                MessageBox.Show(trimmedlocalUser + " is not a member of the local Administrators group. The drag and drop functionality will not work unless " + trimmedlocalUser + " is a member of the local Administrators group. After " + trimmedlocalUser + " is added, please restart your machine for the changes to take effect.", "Local Administrator Warning", MessageBoxButtons.OK, MessageBoxIcon.Stop);

If you want to check for your own user names, for the 'if', do:

if (!(userList.Contains(whateverusernameyouwanttosearch)))
crlic306
  • 35
  • 5