This documentation is archived and is not being maintained.

WindowsPrincipal.IsInRole Method (WindowsBuiltInRole)

Determines whether the current principal belongs to the Windows user group that has the specified WindowsBuiltInRole.

Namespace:  System.Security.Principal
Assembly:  mscorlib (in mscorlib.dll)

public virtual bool IsInRole(
	WindowsBuiltInRole role


Type: System.Security.Principal.WindowsBuiltInRole
One of the enumeration values that specifies a built-in role within the Windows operating system.

Return Value

Type: System.Boolean
true if the current principal is a member of the specified Windows user group; otherwise, false.


role is not a valid WindowsBuiltInRole value.

When testing for newly created role information, such as a new user or a new group, you should log out and log back in to force the propagation of role information within the domain. Not doing so can cause the IsInRole test to return false.

For performance reasons, we recommend that you use the IsInRole(SecurityIdentifier) overload to determine the user's role.


In Windows Vista and later versions of the Windows operating system, User Account Control (UAC) determines the privileges of a user. If you are a member of the Built-in Administrators group, you are assigned two run-time access tokens: a standard user access token and an administrator access token. By default, you are in the standard user role. When you attempt to perform a task that requires administrative privileges, you can dynamically elevate your role by using the Consent dialog box. The code that executes the IsInRole method does not display the Consent dialog box. The code returns false if you are in the standard user role or in the Built-in Administrators group. You can elevate your privileges before you execute the code by right-clicking the application icon and indicating that you want to run as an administrator.

The following example uses the WindowsBuiltInRole enumeration is used to determine whether the current principal is an Administrator. For the full code example, see the WindowsPrincipal.IsInRole(Int32) method.

// Get the role using the WindowsBuiltInRole enumeration value.
Console.WriteLine("{0}? {1}.", WindowsBuiltInRole.Administrator,

.NET Framework

Supported in: 4, 3.5, 3.0, 2.0, 1.1, 1.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.