
I need to check whether the accessing domain user is present in the local user group. There will be multiple group entries in it. I need to check whether the domain user is present in any group inside it, including nested groups. I have tried many solutions; I am searching for a simple and reliable solution which will work in all cases.

Existing Code:

```csharp
// Requires: System.Collections, System.DirectoryServices, System.Linq, System.Web.Hosting
using (HostingEnvironment.Impersonate())
{
    using (DirectoryEntry machine =
        new DirectoryEntry("WinNT://" + Environment.MachineName))
    {
        using (DirectoryEntry group = machine.Children.Find(adminGroupName, "Group"))
        {
            // Direct members of the local group
            var members = group.Invoke("Members", null);
            bool IsInRole = ((IEnumerable)members).Cast<Object>().
                Any(x => new DirectoryEntry(x).Name == userName);

            if (!IsInRole)
            {
                // Not a direct member: test each member group against the principal
                foreach (object member in (IEnumerable)members)
                {
                    DirectoryEntry x = new DirectoryEntry(member);
                    if (x.SchemaClassName == "Group" && principal.IsInRole(x.Name))
                    {
                        IsInRole = true;
                        break; // keep the match; a later group must not reset it
                    }
                }
            }
            return IsInRole;
        }
    }
}
```

In the above sample, `principal` in `principal.IsInRole` comes from a WindowsPrincipal object, but this **principal.IsInRole will not work for nested groups.**

Tried implementing this solution: Check active directory group membership recursively

This works only if the group is present in the same domain. If the group is present in a different domain, this will not work, since we are sending the domain.

Robert
Deva
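An added example, not part of the original post: one way to test local group membership without walking group members is to resolve the local group to its SID and check it against the caller's access token. It assumes the token Windows built at logon already carries the SIDs of local groups reached through nested or cross-domain groups; the class name `LocalGroupCheck` and the group name `AppAdmins` are hypothetical.

```csharp
using System;
using System.Security.Principal;

static class LocalGroupCheck
{
    // Resolve a local group name to its SID. Try MACHINE\name first, then
    // BUILTIN\name for built-in aliases. Returns null if neither resolves.
    public static SecurityIdentifier ResolveLocalGroupSid(string groupName)
    {
        foreach (string authority in new[] { Environment.MachineName, "BUILTIN" })
        {
            try
            {
                var account = new NTAccount(authority, groupName);
                return (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier));
            }
            catch (IdentityNotMappedException)
            {
                // Not found under this authority; try the next one.
            }
        }
        return null;
    }

    // True only when the group SID is present and enabled in the identity's token.
    // Fails closed: unauthenticated callers and unknown groups return false.
    public static bool IsMember(WindowsIdentity identity, string localGroupName)
    {
        if (identity == null || !identity.IsAuthenticated)
            return false;

        SecurityIdentifier groupSid = ResolveLocalGroupSid(localGroupName);
        if (groupSid == null)
            return false;

        return new WindowsPrincipal(identity).IsInRole(groupSid);
    }

    static void Main()
    {
        // "AppAdmins" is a hypothetical local group name used for illustration.
        using (WindowsIdentity current = WindowsIdentity.GetCurrent())
        {
            Console.WriteLine(IsMember(current, "AppAdmins"));
        }
    }
}
```

A UAC-filtered token carries BUILTIN\Administrators as deny-only, so `IsInRole` returns false for it until the process is elevated. The token also reflects membership as of logon, not later group changes.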

0 Answers