Problems using IsInRole - differences from XP and Windows2003

  • Thread starter Thread starter AJT
  • Start date Start date
A

AJT

Hello,

I hope someone can help shed some light on this as its driving me mad.

I have a Windows 2003 server that runs Active Directory and IIS and a
development PC running XP

If I have in my code HttpContext.Current.User.IsInRole("MyGroup") it
fails if I am running IIS on my XP pc but if I host my site on the
2003 server IIS all is ok.

On getting the groups using the following code

WindowsIdentity identity = WindowsIdentity.GetCurrent();
List<string> groups = new List<string>();

IdentityReferenceCollection identityReferences =
identity.Groups;

foreach (IdentityReference identityReference in
identityReferences)
{

NTAccount account =

(NTAccount)identityReference.Translate(typeof
(NTAccount));

groups.Add(account.Value);

}

I see that the results returned are quite different on WIndows 2003
IIS vs XP IIS

Windows 2003:

SERVER2\A Taylor
SERVER2\Domain Users
Everyone
SERVER2\MYGroup
BUILTIN\Administrators
BUILTIN\Remote Desktop Users
BUILTIN\Users
BUILTIN\Pre-Windows 2000 Compatible Access
NT AUTHORITY\NETWORK
NT AUTHORITY\Authenticated Users
NT AUTHORITY\This Organization
SERVER2\Domain Admins
SERVER2\MYGroup

XP:

SERVER2\A Taylor
SERVER2\Domain Users
Everyone
BUILTIN\Users
BUILTIN\Administrators
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
SERVER2\Domain Admins

you can see that "MyGroup" doesnt appear for XP.

Can anyone shed any light on this (or point me to a newsgroup that is
more suited to this problem)

Many thanks for your time.
 
I hope someone can help shed some light on this as its driving me mad.

I have a Windows 2003 server that runs Active Directory and IIS and a
development PC running XP

If I have in my code HttpContext.Current.User.IsInRole("MyGroup") it
fails if I am running IIS on my XP pc but if I host my site on the
2003 server IIS all is ok.

SNIPPED

Looks like a permissions issue. Most likely due to the user (you) being set
up locally for MyGroup and through the Domain Controller for other roles on
that server. That is a wild guess, but it would display the symptoms you
are stating here.


--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

Twitter: @gbworld
Blog: http://gregorybeamer.spaces.live.com

*******************************************
| Think outside the box! |
*******************************************
 
Looks like a permissions issue. Most likely due to the user (you) being set
up locally for MyGroup and through the Domain Controller for other roles on
that server. That is a wild guess, but it would display the symptoms you
are stating here.

Thanks for the reply.

The Group "MyGroup" is in the ActiveDirectory that the
domainController uses. There is no "MyGroup" on my local machine.

AJT
 
Thanks for the reply.

The Group "MyGroup" is in the ActiveDirectory that the
domainController uses. There is no "MyGroup" on my local machine.

AJT


Check Active Directory permissions on querying that group, as it may be a
domain setting. If not, it is beyond my current knowledge. Perhaps asking
in an Active Directory forum? Hope this helps!


--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

Twitter: @gbworld
Blog: http://gregorybeamer.spaces.live.com

*******************************************
| Think outside the box! |
*******************************************
 
Back
Top