IsInRole Method (SecurityIdentifier)
Collapse the table of content
Expand the table of content

WindowsPrincipal.IsInRole Method (SecurityIdentifier)

Determines whether the current principal belongs to the Windows user group with the specified security identifier (SID).

Namespace: System.Security.Principal
Assembly: mscorlib (in mscorlib.dll)

[ComVisibleAttribute(false)] 
public virtual bool IsInRole (
	SecurityIdentifier sid
)
/** @attribute ComVisibleAttribute(false) */ 
public boolean IsInRole (
	SecurityIdentifier sid
)
ComVisibleAttribute(false) 
public function IsInRole (
	sid : SecurityIdentifier
) : boolean
Not applicable.

Parameters

sid

A SecurityIdentifier that uniquely identifies a Windows user group.

Return Value

true if the current principal is a member of the specified Windows user group; otherwise, false.

Exception typeCondition

ArgumentNullException

sid is a null reference (Nothing in Visual Basic).

SecurityException

Windows returned a Win32 error.

The SecurityIdentifier uniquely identifies a user or group on Windows 2000, Windows Server, and Windows XP implementations. When testing for newly created role information, such as a new user or a new group, it is important to log out and log in to force the propagation of role information within the domain. Not doing so can cause the IsInRole test to return false. This method is not supported on Windows 98 or Windows Millennium Edition.

NoteNote:

In Windows Vista, User Account Control (UAC) determines the privileges of a user. If you are a member of the Built-in Administrators group, you are assigned two run-time access tokens: a standard user access token and an administrator access token. By default, you are in the standard user role. When you attempt to perform a task that requires administrative privileges, you can dynamically elevate your role by using the Consent dialog box. The code that executes the IsInRole method does not display the Consent dialog box. The code returns false if you are in the standard user role, even if you are in the Built-in Administrators group. You can elevate your privileges before you execute the code by right-clicking the application icon and indicating that you want to run as an administrator.

For performance reasons, this is the preferable overload to determine a user's role.

The following code example demonstrates the use of the WindowsPrincipal.IsInRole(SecurityIdentifier) method. The BuiltinAdministratorsSid enumeration value is used to determine whether the current principal is an administrator. For the full code example, see the WindowsPrincipal.IsInRole(Int32) method.

// Get the role using the WellKnownSidType.
SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
Console.WriteLine("WellKnownSidType BuiltinAdministratorsSid  {0}? {1}.", sid.Value, myPrincipal.IsInRole(sid));

Windows Server 2000 SP4, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.

.NET Framework

Supported in: 3.0, 2.0

Community Additions

ADD
Show:
© 2016 Microsoft