Principal IsInRole look up by group name fails, by SID Works C#

Asked Jul 18 '16 at 21:51

Active Jul 18 '16 at 21:51

Viewed 426 times

I am surprised that I cannot look up Windows group membership by the group name.

I can use UserPrincipal.Current.GetGroups(); But I aparently cannot use Httpcontext.CurrentUser.IsInRole

to look up the group membership by name to determine if the current user is in a group.

  var groups = UserPrincipal.Current.GetGroups();

  var groupNames = groups.Select(x => x.SamAccountName);
  var check0 = groupNames.Contains("pgXbCreateScanDefn"); //works but is not the way by supporting classes currently check.

  //this is how my supporting classes expect to check membership
  var principal = HttpContext.Current.User;
  var check = principal.IsInRole("pgXbCreateScanDefn");   //expected to be true but is not

  //while this works, I would have to translate the user friendly names to SIDs. 
  var check2 = principal.IsInRole("S-1-5-21-4052565669-1266607236-977642746-1013");  //is true as expected,

I was able to do this in the past. Is this no longer supported?

asked Jul 18 '16 at 21:51

The Mithral Smith

1

Are you in a .NET Core application? Or is this on the .NET Framework? – Will Ray Jul 19 '16 at 01:06
It's a .NET Framework ASP.NET application. – The Mithral Smith Jul 19 '16 at 01:13
1

Did you ever figure this out? Running into the same thing at the moment. – Karl Dec 06 '16 at 21:46

Principal IsInRole look up by group name fails, by SID Works C#

0 Answers0