public bool IsCurrentUserMachineAdmin()
{
using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
{
// Require user to run app as admin
WindowsPrincipal winPrincipal = new WindowsPrincipal(identity);
if (winPrincipal.IsInRole(WindowsBuiltInRole.Administrator))
{
return(true);
}
PrincipalContext ctx;
try
{
ctx = new PrincipalContext(ContextType.Machine);
}
catch
{
return(false);
}
var up = UserPrincipal.FindByIdentity(ctx, identity.Name);
if (up != null)
{
PrincipalSearchResult <Principal> authGroups = up.GetAuthorizationGroups();
return(authGroups.Any(principal =>
principal.Sid.IsWellKnown(WellKnownSidType.BuiltinAdministratorsSid) ||
principal.Sid.IsWellKnown(WellKnownSidType.AccountAdministratorSid)));
}
}
return(false);
}
public bool IsCurrentUserDomainAdmin()
{
using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
{
try
{
Domain.GetComputerDomain();
}
catch (ActiveDirectoryObjectNotFoundException)
{
return(false);
}
PrincipalContext ctx;
try
{
ctx = new PrincipalContext(ContextType.Domain);
}
catch
{
return(false);
}
var up = UserPrincipal.FindByIdentity(ctx, identity.Name);
if (up != null)
{
PrincipalSearchResult <Principal> authGroups = up.GetAuthorizationGroups();
return(authGroups.Any(principal =>
principal.Sid.IsWellKnown(WellKnownSidType.AccountDomainAdminsSid) ||
principal.Sid.IsWellKnown(WellKnownSidType.AccountEnterpriseAdminsSid)));
}
return(false);
}
}
private static bool IsAdministratorNoCache(string username)
{
PrincipalContext ctx;
try
{
Domain.GetComputerDomain();
try
{
ctx = new PrincipalContext(ContextType.Domain);
}
catch (PrincipalServerDownException)
{
// can't access domain, check local machine instead
ctx = new PrincipalContext(ContextType.Machine);
}
}
catch (ActiveDirectoryObjectNotFoundException)
{
// not in a domain
ctx = new PrincipalContext(ContextType.Machine);
}
var up = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, username);
if (up != null)
{
PrincipalSearchResult <Principal> authGroups = up.GetAuthorizationGroups();
return(authGroups.Any(principal =>
principal.Sid.IsWellKnown(WellKnownSidType.BuiltinAdministratorsSid) ||
principal.Sid.IsWellKnown(WellKnownSidType.AccountDomainAdminsSid) ||
principal.Sid.IsWellKnown(WellKnownSidType.AccountAdministratorSid) ||
principal.Sid.IsWellKnown(WellKnownSidType.AccountEnterpriseAdminsSid)));
}
return(false);
}
public bool HasUser(string username)
{
logger.Info("Checking for " + username + " account");
UserPrincipal user = new UserPrincipal(context);
user.Name = username;
PrincipalSearcher ps = new PrincipalSearcher();
ps.QueryFilter = user;
PrincipalSearchResult <Principal> result = ps.FindAll();
if (result.Any())
{
logger.Info(username + " account found");
}
else
{
logger.Info(username + " account not found");
}
return(result.Any());
}
private static bool IsAdministratorNoCache(string username)
{
var ctx = GeneratePrincipalContext();
var up = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, username);
if (up != null)
{
PrincipalSearchResult <Principal> authGroups = up.GetAuthorizationGroups();
return(authGroups.Any(principal =>
principal.Sid.IsWellKnown(WellKnownSidType.BuiltinAdministratorsSid) ||
principal.Sid.IsWellKnown(WellKnownSidType.AccountDomainAdminsSid) ||
principal.Sid.IsWellKnown(WellKnownSidType.AccountAdministratorSid) ||
principal.Sid.IsWellKnown(WellKnownSidType.AccountEnterpriseAdminsSid)));
}
return(false);
}
//Проверяем, что пользователь в группе
public static bool CheckGroups(string domainName, string grouptoCheck)
{
try
{
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domainName);
UserPrincipal user = UserPrincipal.FindByIdentity(ctx,
Environment.UserDomainName + "\\" + Environment.UserName); //получаем пользователя
if (user != null)
{
PrincipalSearchResult <Principal> groups = user.GetGroups(); //полкчаем группы пользователя
return(groups.Any(p => p.Name == grouptoCheck)); //проверяем, есть ли там искомая группа
}
}
catch (Exception e)
{
NLog.ExceptionToLog("Error starting app: " + e + "");
}
return(false);
}
public bool UserPresent(string username)
{
using (var domainContext = new PrincipalContext(ContextType.Domain, Environment.UserDomainName))
{
using (var user = new UserPrincipal(domainContext))
{
user.SamAccountName = username;
using (var pS = new PrincipalSearcher())
{
pS.QueryFilter = user;
using (PrincipalSearchResult <Principal> results = pS.FindAll())
{
if (results.Any())
{
return(true);
}
}
}
}
}
return(false);
}
public List <LicenseUserGroup> GetGroupMembers(Guid groupId)
{
using (var principalContext = new PrincipalContext(ContextType.Domain))
{
GroupPrincipal group = GetGroupPrincipal(principalContext, groupId);
var licenseGroupUsers = new List <LicenseUserGroup>();
try
{
using (PrincipalSearchResult <Principal> members = group.GetMembers())
{
if (!members.Any())
{
return(licenseGroupUsers);
}
foreach (Principal principal in members)
{
UserPrincipal user;
try
{
user = principal.Validate();
}
catch (Exception ex)
{
Logger.Error(ex.Message);
continue;
}
if (!user.Guid.HasValue)
{
continue;
}
LicenseUser localUser = GetUserById(user.Guid.Value);
if (localUser == null)
{
continue;
}
licenseGroupUsers.Add(new LicenseUserGroup
{
GroupId = groupId,
UserId = localUser.Id
});
}
return(licenseGroupUsers);
}
}
catch (COMException ex)
{
Logger.Warn($"There was a problem getting the members of group: {groupId}");
Logger.Error(ex.Message, ex);
return(licenseGroupUsers);
}
catch (AuthenticationException ex)
{
Logger.Warn($"There was a problem getting the members of group: {groupId}");
Logger.Error(ex.Message, ex);
return(licenseGroupUsers);
}
catch (PrincipalOperationException ex)
{
Logger.Error($"Group: {group.Name} has some invalid members. This will need to be manually corrected in Active Directory.");
Logger.Debug(ex.Message, ex);
return(licenseGroupUsers);
}
}
}
