"Dominick Baier [DevelopMentor]" <>
wrote in message news:. com...
> try
>
> a) whoami /groups from the command line (part of w2k3 or the resource kit)
It lists all the groups logged on user belong to.
> b) drop this page in your app and see what roles you are member of (from
> the view of asp.net)
DOMAIN-LAN\Domain Users-----------> IsInRole=True
Everyone-----------> IsInRole=True
ATUL\BizTalk Application Users-----------> IsInRole=True
ATUL\BizTalk Isolated Host Users-----------> IsInRole=True
ATUL\BizTalk Server Administrators-----------> IsInRole=True
ATUL\Debugger Users-----------> IsInRole=True
ATUL\EDI Subsystem Users-----------> IsInRole=True
ATUL\IIS_WPG-----------> IsInRole=True
ATUL\OLAP Administrators-----------> IsInRole=True
ATUL\OWS_1094864922_admin-----------> IsInRole=True
ATUL\SSO Administrators-----------> IsInRole=True
S-1-5-21-2875354219-2406699116-2307019780-1068-----------> IsInRole=False
BUILTIN\Administrators-----------> IsInRole=True
BUILTIN\Power Users-----------> IsInRole=True
BUILTIN\Users-----------> IsInRole=True
NT AUTHORITY\INTERACTIVE-----------> IsInRole=True
NT AUTHORITY\Authenticated Users-----------> IsInRole=True
NT AUTHORITY\This Organization-----------> IsInRole=True
LOCAL-----------> IsInRole=True
DOMAIN-LAN\SSOAdminGroup-----------> IsInRole=True
"ATUL" is the machine name. I do not see the Group which has been created
newly on the domain. Also, there are two more local groups in the local
machine, and user is part of these two groups, but the group names are not
shown here. Why is it so?
>
> http://www.leastprivilege.com/ShowCo...eIAdmitIt.aspx
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
>> Yes!
>>
>> MyDomain\atuls is NOT part of ROLE.
>>
>> "Dominick Baier [DevelopMentor]"
>> <> wrote in message
>> news:. com...
>>
>>> what does Context.User.Identity.Name say - the username you are
>>> expecting?
>>>
>>> ---------------------------------------
>>> Dominick Baier - DevelopMentor
>>> http://www.leastprivilege.com
>>>> As you said, I have modified the web.config as:
>>>>
>>>> <authorization>
>>>> <allow roles="MyDomain\\WMS_ADMINISTRATORS"/>
>>>> </authorization>
>>>> And the Page_Load Code is:
>>>> protected void Page_Load(object sender, EventArgs e)
>>>> {
>>>> if (Context.User.IsInRole("MyDomain\\WMS_ADMINISTRATO RS"))
>>>> {
>>>> Label1.Text = Context.User.Identity.Name + " is part of
>>>> ROLE";
>>>> }
>>>> else
>>>> {
>>>> Label1.Text = Context.User.Identity.Name + " is NOT part
>>>> of
>>>> ROLE";
>>>> }
>>>> }
>>>> What am I missing here? I have verified that current logged on user
>>>> is
>>>> part of MyDomain\\WMS_ADMINISTRATORS group.
>>>> "Dominick Baier [DevelopMentor]"
>>>> <> wrote in message
>>>> news:. com...
>>>>
>>>>> hi,
>>>>> you have to use the domain\groupname format for windows groups.
>>>>> ---------------------------------------
>>>>> Dominick Baier - DevelopMentor
>>>>> http://www.leastprivilege.com
>>>>>> Hi,
>>>>>>
>>>>>> I am facing a weird problem related to ASP.NET 2.0 Roles. I have
>>>>>> web.Config file having security settings:
>>>>>>
>>>>>> <authentication mode="Windows"/>
>>>>>>
>>>>>> <authorization>
>>>>>>
>>>>>> <allow roles=".\WMSAdmin" />
>>>>>>
>>>>>> </authorization>
>>>>>>
>>>>>> And during Page_Load() event, when I check whether current logged
>>>>>> on user is in the Role specified then it fails, however, the user
>>>>>> is part of this Role on the local machine:
>>>>>>
>>>>>> If Not Page.User.IsInRole("WMSAdmin") Then
>>>>>>
>>>>>> Trace.Write("Page user is NOT part of WMSAdminGroup")
>>>>>>
>>>>>> Server.Transfer("~/NoAccess.aspx")
>>>>>>
>>>>>> Else
>>>>>>
>>>>>> Trace.Write("Page user " & Page.User.Identity.Name & " is PART of
>>>>>> WMSAdmin Group.")
>>>>>>
>>>>>> End If
>>>>>>
>>>>>> Any guesses, what am I missing here.
>>>>>> Regards,
>>>>>> Atul
>
>
Similar Threads
