Allows code to check the Windows group membership of a Windows user.
Assembly: mscorlib (in mscorlib.dll)
The WindowsPrincipal class is primarily used to check the role of a Windows user. The WindowsPrincipal.IsInRole method overloads let you check the user role by using different role contexts.
| Note |
|---|
The HostProtectionAttribute attribute applied to this type or member has the following Resources property value: SecurityInfrastructure. The HostProtectionAttribute does not affect desktop applications (which are typically started by double-clicking an icon, typing a command, or entering a URL in a browser). For more information, see the HostProtectionAttribute class or SQL Server Programming and Host Protection Attributes. |
| Topic | Location |
|---|---|
| How to: Create a WindowsPrincipal Object | .NET Framework: Security |
| How to: Create a WindowsPrincipal Object | .NET Framework: Security |
The following example demonstrates how to use the IsInRole method overloads. The WindowsBuiltInRole enumeration is used as the source for the relative identifiers (RIDs) that identify the built-in roles. The RIDs are used to determine the roles of the current principal.
Imports System Imports System.Threading Imports System.Security.Permissions Imports System.Security.Principal Class SecurityPrincipalDemo Public Shared Sub DemonstrateWindowsBuiltInRoleEnum() Dim myDomain As AppDomain = Thread.GetDomain() myDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal) Dim myPrincipal As WindowsPrincipal = CType(Thread.CurrentPrincipal, WindowsPrincipal) Console.WriteLine("{0} belongs to: ", myPrincipal.Identity.Name.ToString()) Dim wbirFields As Array = [Enum].GetValues(GetType(WindowsBuiltInRole)) Dim roleName As Object For Each roleName In wbirFields Try ' Cast the role name to a RID represented by the WindowsBuildInRole value. Console.WriteLine("{0}? {1}.", roleName, myPrincipal.IsInRole(CType(roleName, WindowsBuiltInRole))) Console.WriteLine("The RID for this role is: " + Fix(roleName).ToString()) Catch Console.WriteLine("{0}: Could not obtain role for this RID.", roleName) End Try Next roleName ' Get the role using the string value of the role. Console.WriteLine("{0}? {1}.", "Administrators", myPrincipal.IsInRole("BUILTIN\" + "Administrators")) Console.WriteLine("{0}? {1}.", "Users", myPrincipal.IsInRole("BUILTIN\" + "Users")) ' Get the role using the WindowsBuiltInRole enumeration value. Console.WriteLine("{0}? {1}.", WindowsBuiltInRole.Administrator, myPrincipal.IsInRole(WindowsBuiltInRole.Administrator)) ' Get the role using the WellKnownSidType. Dim sid As New SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, Nothing) Console.WriteLine("WellKnownSidType BuiltinAdministratorsSid {0}? {1}.", sid.Value, myPrincipal.IsInRole(sid)) End Sub 'DemonstrateWindowsBuiltInRoleEnum Public Shared Sub Main() DemonstrateWindowsBuiltInRoleEnum() End Sub 'Main End Class 'SecurityPrincipalDemo
Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role not supported), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.