none
How to use C# to enumerate the currently visible User groups; both domain & local. RRS feed

  • Question

  • I would like to streamline the security provision within my C# app' such that i'd like to provide administrators of the app' the ability to browse & select user groups by which to permit one of two different roles (user groups).  Specifically, my design concept is to direct the app's administrative owner to create two different domain user groups; one for operators and one for administrators.  That owner would then populate those user groups with users accordingly.  All of this administrative work would b done from Windows and not from within the subject app'.  Then, i would provide the app' with functionality to allow the administrative owner to browse all accessible groups from within the app' such to select the groups that were created for the app's respective use.  -I have experience with datagridview and it seems as this would be the browse mechanism, however, can u kickstart me n this direction; how to enumerate and populate the dgv as said?


    Glenn of xSyLent
    Monday, October 13, 2008 6:23 PM

Answers

  • Not quite sure if this is exactly what you want, but this bit of code will list all the AD (and local) groups that the current user belongs to. Might get you started anyway.

     public Dictionary<stringstring> GetUserADGroupsDictionary() 
            { 
                if (_ADGroups == null
                { 
     
                    _ADGroups = new Dictionary<stringstring>(); 
                    foreach (IdentityReference ir in WindowsIdentity.GetCurrent().Groups) 
                    { 
                        SecurityIdentifier sid = new SecurityIdentifier(ir.Value); 
                        NTAccount acc = (NTAccount)ir.Translate(typeof(NTAccount)); 
                        try 
                        { 
                            _ADGroups.Add(acc.Value, acc.Value + " - " + sid.IsAccountSid().ToString()); 
                        } 
                        catch { } 
                    } 
                } 
                return _ADGroups; 
            } 

    • Marked as answer by Zhi-Xin Ye Monday, October 20, 2008 11:09 AM
    Tuesday, October 14, 2008 12:11 AM

All replies

  • Not quite sure if this is exactly what you want, but this bit of code will list all the AD (and local) groups that the current user belongs to. Might get you started anyway.

     public Dictionary<stringstring> GetUserADGroupsDictionary() 
            { 
                if (_ADGroups == null
                { 
     
                    _ADGroups = new Dictionary<stringstring>(); 
                    foreach (IdentityReference ir in WindowsIdentity.GetCurrent().Groups) 
                    { 
                        SecurityIdentifier sid = new SecurityIdentifier(ir.Value); 
                        NTAccount acc = (NTAccount)ir.Translate(typeof(NTAccount)); 
                        try 
                        { 
                            _ADGroups.Add(acc.Value, acc.Value + " - " + sid.IsAccountSid().ToString()); 
                        } 
                        catch { } 
                    } 
                } 
                return _ADGroups; 
            } 

    • Marked as answer by Zhi-Xin Ye Monday, October 20, 2008 11:09 AM
    Tuesday, October 14, 2008 12:11 AM
  • This looks interesting; i'll c where it goes later this afternoon.  I'll let u know.  Thanks John!

    /glen
    Glenn of xSyLent
    Tuesday, October 14, 2008 12:32 PM