Example #1
        /// <summary>
        /// Returns the token groups of <paramref name="principalSid"/> as a materialized list,
        /// evaluated either with a default <c>AuthorizationContext</c> or against a domain
        /// controller selected for the domain of <paramref name="requestContext"/>.
        /// </summary>
        /// <param name="principalSid">SID of the principal whose group membership is expanded. Must not be null.</param>
        /// <param name="requestContext">
        /// Optional SID that selects the domain in which the groups are evaluated. When null, or when
        /// <c>IsEqualDomainSid(CurrentDomainSid)</c> is true, no domain controller is looked up.
        /// </param>
        /// <returns>The SIDs produced by <c>AuthorizationContext.GetTokenGroups()</c>, already enumerated.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="principalSid"/> is null.</exception>
        /// <remarks>
        /// NOTE(review): the returned SIDs are presumably consumed by access checks; confirm that callers
        /// treat an exception from this method as "no access" rather than falling back to a partial list.
        /// </remarks>
        private IEnumerable<SecurityIdentifier> GetTokenGroups(SecurityIdentifier principalSid, SecurityIdentifier requestContext = null)
        {
            if (principalSid == null)
            {
                throw new ArgumentNullException(nameof(principalSid));
            }

            bool useDefaultContext = requestContext == null || requestContext.IsEqualDomainSid(CurrentDomainSid);

            if (!useDefaultContext)
            {
                // SecurityIdentifier.AccountDomainSid is null for SIDs that are not Windows account SIDs
                // (well-known and BUILTIN SIDs). NOTE(review): confirm GetDomainNameDns rejects a null SID
                // explicitly rather than resolving an unintended domain.
                string targetDomain = discoveryServices.GetDomainNameDns(requestContext.AccountDomainSid);

                // The lookup and retry behaviour lives in Find2012DcAndExecuteWithRetry; this block only
                // supplies the work to run once a domain controller has been handed to the callback.
                return this.discoveryServices.Find2012DcAndExecuteWithRetry(targetDomain, dc =>
                {
                    using (AuthorizationContext remoteContext = new AuthorizationContext(principalSid, dc))
                    {
                        // ToList() runs the enumeration while the context is still alive;
                        // a lazy sequence would be read after Dispose().
                        return remoteContext.GetTokenGroups().ToList();
                    }
                });
            }

            using (AuthorizationContext localContext = new AuthorizationContext(principalSid))
            {
                // Materialize before the using block disposes the context.
                return localContext.GetTokenGroups().ToList();
            }
        }
Example #2
        /// <summary>
        /// Returns the token groups of <paramref name="principalSid"/> as a materialized list. The
        /// <c>AuthorizationContext</c> is created with a null server unless <paramref name="requestContext"/>
        /// names a different domain, in which case a domain controller for that domain is resolved first.
        /// </summary>
        /// <param name="principalSid">SID of the principal whose group membership is expanded. Must not be null.</param>
        /// <param name="requestContext">
        /// Optional SID that selects the domain in which the groups are evaluated. When null, or when
        /// <c>IsEqualDomainSid(NativeMethods.CurrentDomainSid)</c> is true, the server argument stays null.
        /// </param>
        /// <returns>The SIDs produced by <c>AuthorizationContext.GetTokenGroups()</c>, already enumerated.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="principalSid"/> is null.</exception>
        /// <remarks>
        /// NOTE(review): the returned SIDs are presumably consumed by access checks; confirm that callers
        /// treat an exception from this method as "no access" rather than falling back to a partial list.
        /// </remarks>
        public static IEnumerable<SecurityIdentifier> GetTokenGroups(SecurityIdentifier principalSid, SecurityIdentifier requestContext = null)
        {
            if (principalSid == null)
            {
                throw new ArgumentNullException(nameof(principalSid));
            }

            // null means "no explicit server" for AuthorizationContext; only overridden for a foreign domain.
            string server = null;

            bool sameDomain = requestContext == null || requestContext.IsEqualDomainSid(NativeMethods.CurrentDomainSid);

            if (!sameDomain)
            {
                // SecurityIdentifier.AccountDomainSid is null for SIDs that are not Windows account SIDs
                // (well-known and BUILTIN SIDs). NOTE(review): confirm GetDnsDomainNameFromSid rejects a
                // null SID explicitly rather than resolving an unintended domain.
                string foreignDomain = NativeMethods.GetDnsDomainNameFromSid(requestContext.AccountDomainSid);
                server = NativeMethods.GetDomainControllerForDnsDomain(foreignDomain);
            }

            using (AuthorizationContext context = new AuthorizationContext(principalSid, server))
            {
                // ToList() runs the enumeration while the context is still alive;
                // a lazy sequence would be read after Dispose().
                return context.GetTokenGroups().ToList();
            }
        }