internal SecurityIdentifier GetUpnSid() { if (!this.hasUpnSidBeenComputed) { lock (this.thisLock) { string resource = (string)base.IdentityClaim.Resource; if (!this.hasUpnSidBeenComputed) { try { NTAccount account = new NTAccount(resource); this.upnSid = account.Translate(typeof(SecurityIdentifier)) as SecurityIdentifier; } catch (Exception exception) { if (Fx.IsFatal(exception)) { throw; } if (exception is NullReferenceException) { throw; } SecurityTraceRecordHelper.TraceSpnToSidMappingFailure(resource, exception); } finally { this.hasUpnSidBeenComputed = true; } } } } return(this.upnSid); }
static SecurityIdentifier GetUserSecurityIdentifier(string name) { NTAccount acct = new NTAccount(Environment.MachineName, name); SecurityIdentifier id = (SecurityIdentifier)acct.Translate(typeof(SecurityIdentifier)); return(id); }
private string _TranslateUserNameToSid(string username) { NTAccount ntAcct = new NTAccount(username); SecurityIdentifier sid = (SecurityIdentifier)ntAcct.Translate(typeof(SecurityIdentifier)); return(sid.ToString()); }
static string GetSidForUser(string username) { var account = new NTAccount(username); var sid = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier)); return(sid.ToString()); }
private void UpdateOnedriveInfo() { onedriveButton.Enabled = false; //ModifyRegistry.ModifyRegistry userShellFolders = new ModifyRegistry.ModifyRegistry(Registry.CurrentUser, @"Microsoft", @"Windows\CurrentVersion\Explorer\User Shell Folders"); ModifyRegistry.ModifyRegistry userShellFolders = new ModifyRegistry.ModifyRegistry(Registry.CurrentUser, "Microsoft", @"Windows\CurrentVersion\Explorer\User Shell Folders"); ModifyRegistry.ModifyRegistry onedriveFolder = new ModifyRegistry.ModifyRegistry(Registry.CurrentUser, @"Microsoft", @"OneDrive\Accounts\Business1"); ModifyRegistry.ModifyRegistry onedriveVersionFolder = new ModifyRegistry.ModifyRegistry(Registry.CurrentUser, @"Microsoft", @"Onedrive"); string user = Environment.UserName; NTAccount currentUser = new NTAccount(user); SecurityIdentifier sid = (SecurityIdentifier)currentUser.Translate(typeof(SecurityIdentifier)); SID.Text = sid.ToString(); desktopLocation.Text = userShellFolders.ReadString("{754AC886-DF64-4CBA-86B5-F7FBF4FBCEF5}"); documents.Text = userShellFolders.ReadString("Personal"); deviceID.Text = HardwareLibrary.DeviceID(); LoadAdminGroup(); bool onedriveInstalled = (onedriveFolder.ReadString(@"UserFolder") == null) ? false : true; if (onedriveInstalled) { onedrive.Text = onedriveFolder.ReadString("UserFolder"); version.Text = onedriveVersionFolder.ReadString("Version"); Thread.Sleep(200); onedriveButton.Enabled = true; } }
public static SecurityIdentifier GetSidFromClaim(string claimValue) { SecurityIdentifier sid = null; SPClaimProviderManager claimManager = SPClaimProviderManager.Local; if (claimManager == null) { throw new ApplicationException("Unable to access the claims provider manager."); } try { SPClaim claim = claimManager.DecodeClaim(claimValue); if (claim.OriginalIssuer.Equals("Windows", StringComparison.OrdinalIgnoreCase)) { if (claim.ClaimType.Equals(Microsoft.IdentityModel.Claims.ClaimTypes.GroupSid, StringComparison.OrdinalIgnoreCase)) { sid = new SecurityIdentifier(claim.Value); } else if (claim.ClaimType.Equals(Microsoft.SharePoint.Administration.Claims.SPClaimTypes.UserLogonName, StringComparison.OrdinalIgnoreCase)) { NTAccount userAccount = new NTAccount(claim.Value); sid = (SecurityIdentifier)userAccount.Translate(typeof(SecurityIdentifier)); } } } catch (ArgumentException currentException) { GlymaSearchLogger.WriteTrace(LogCategoryId.Security, TraceSeverity.Unexpected, "The following exception occured when attempting to decode the claim, " + claimValue + " : " + currentException.ToString()); } return(sid); }
internal static string GetFormattedLocalUserSid(string windowsUsername) { var ntaccount = new NTAccount("", windowsUsername); var sid = ntaccount.Translate(typeof(SecurityIdentifier)).Value; return(String.Format(CultureInfo.InvariantCulture, "D:(A;;CC;;;{0})", sid)); }
/// <summary> /// Deletes the user profile. /// </summary> /// <param name="userName">Name of the user.</param> /// <param name="domainName">The domain name of the user to act as.</param> public static void DeleteUserProfile(string userName, string domainName) { NTAccount ntaccount = new NTAccount(domainName, userName); string userSid = ntaccount.Translate(typeof(SecurityIdentifier)).Value; bool retry = true; int retries = 2; while (retry && retries > 0) { retry = false; if (!DeleteProfile(userSid, null, null)) { int errorCode = Marshal.GetLastWin32Error(); // Error Code 2: The user profile was not created or was already deleted if (errorCode == 2) { return; } // Error Code 87: The user profile is still loaded. else if (errorCode == 87) { retry = true; retries--; } else { throw new Win32Exception(errorCode); } } } }
static void CreateDatabase(SlkSPSiteMapping mapping, string databaseName, string appPoolAccountName, string databaseSchema) { // restrict the characters in <databaseName> if (!Regex.Match(databaseName, @"^\w+$").Success) { throw new SafeToDisplayException(SlkCulture.GetResources().InvalidDatabaseName, databaseName); } // if <appPoolAccountName> is null, set it to the name of the application pool account // (e.g. "NT AUTHORITY\NETWORK SERVICE"); set <appPoolSid> to its SID byte[] appPoolSid = null; if (appPoolAccountName == null) { using (SPSite site = new SPSite(mapping.SPSiteGuid)) { appPoolAccountName = site.WebApplication.ApplicationPool.Username; } } NTAccount appPoolAccount = new NTAccount(appPoolAccountName); SecurityIdentifier securityId = (SecurityIdentifier)appPoolAccount.Translate(typeof(SecurityIdentifier)); appPoolSid = new byte[securityId.BinaryLength]; securityId.GetBinaryForm(appPoolSid, 0); SlkUtilities.ImpersonateAppPool(delegate() { CreateDatabase(mapping.DatabaseServerConnectionString, databaseName, mapping.DatabaseConnectionString, appPoolAccountName, appPoolSid, databaseSchema); }); }
public MethodStatus SetPermission(string domain, string userName, AccessMaskTypes amtype) { NTAccount account = new NTAccount(domain, userName); SecurityIdentifier sid = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier)); byte[] sidArray = new byte[sid.BinaryLength]; sid.GetBinaryForm(sidArray, 0); ManagementObject trustee = new ManagementClass(new ManagementPath("Win32_Trustee"), null); trustee["Domain"] = domain; trustee["Name"] = userName; trustee["SID"] = sidArray; ManagementObject adminACE = new ManagementClass(new ManagementPath("Win32_Ace"), null); adminACE["AccessMask"] = (int)amtype; adminACE["AceFlags"] = 3; adminACE["AceType"] = 0; adminACE["Trustee"] = trustee; ManagementObject secDescriptor = new ManagementClass(new ManagementPath("Win32_SecurityDescriptor"), null); secDescriptor["ControlFlags"] = 4; //SE_DACL_PRESENT secDescriptor["DACL"] = new object[] { adminACE }; object result = _winShareObject.InvokeMethod("SetShareInfo", new object[] { int.MaxValue, Description, secDescriptor }); uint r = Convert.ToUInt32(result); return((MethodStatus)r); }
// To check if the required environment variable exists for the given User Name public bool EnvironmentVariableExists(string domainName, string userName) { try { NTAccount f = new NTAccount(domainName, userName); SecurityIdentifier s = (SecurityIdentifier)f.Translate(typeof(SecurityIdentifier)); string sidString = s.ToString(); var regView = (Environment.Is64BitOperatingSystem ? RegistryView.Registry64 : RegistryView.Registry32); var baseKey = RegistryKey.OpenBaseKey(RegistryHive.Users, regView); var baseKeyPath = Path.Combine(sidString, "Environment"); var environmentKey = baseKey.OpenSubKey(baseKeyPath); var envVariable = environmentKey.GetValue(EnvironmentVariableName); if (envVariable != null) { EnvironmentVariableValue = envVariable.ToString(); return(true); } return(false); } catch (Exception ex) { return(false); } }
private static string SidFromDotNetFcl(string username) { var account = new NTAccount(username); var sid = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier)); return(sid.ToString()); }
private static string GetAllowDaclFromUserName(string userName) { NTAccount entryPointRunAsUser = new NTAccount(userName); SecurityIdentifier entryPointRunAsUserSid = (SecurityIdentifier)entryPointRunAsUser.Translate(typeof(SecurityIdentifier)); return(GetAllowDacl(entryPointRunAsUserSid)); }
public static void RemoveUser(string targetDir, string user, string windowsUser, string userHomeDir, string userShell) { string passwdFile = Path.Combine(targetDir, "etc", "passwd"); string userSID = null; try { var objUser = new NTAccount(windowsUser); userSID = ((SecurityIdentifier)objUser.Translate(typeof(SecurityIdentifier))).Value; } catch { throw new Exception(string.Format("Could not get SID for user {0}. Aborting.", windowsUser)); } string usersGroupSID = CygwinPasswd.GetNoneGroupSID(); Logger.Debug("Setting up user in passwd file..."); string uid = userSID.Split('-').Last(); string gid = usersGroupSID.Split('-').Last(); string userHomeDirLinux = LinuxFiles.Cygpath(userHomeDir); userShell = LinuxFiles.Cygpath(userShell); string match = string.Format("{0}:unused:{1}:{2}:{3},{4}:{5}:{6}", user, uid, gid, windowsUser, userSID, userHomeDirLinux, userShell); List <string> content = File.ReadAllLines(passwdFile).ToList(); content.Remove(match); File.WriteAllLines(passwdFile, content, Encoding.ASCII); }
internal static string GetSID(string _userid) { NTAccount acc = new NTAccount(_userid); SecurityIdentifier sid = (SecurityIdentifier)acc.Translate(typeof(SecurityIdentifier)); return(sid.ToString()); }
/// <summary> /// This is a demo of the older (circa 2002) approach to doing Identity and Principal authentication/authorization. It demonstrates /// the IPrincipal and IIdentity approaches by creating a WindowsIdentity which implements the IIdentity interface. /// </summary> static void IdentityDemo() { WindowsIdentity id = WindowsIdentity.GetCurrent(); System.Console.WriteLine("Windows Account Name: " + id.Name); var account = new NTAccount(id.Name); System.Console.WriteLine("Windows Account SID: " + account.Translate(typeof(SecurityIdentifier))); System.Console.WriteLine(); System.Console.WriteLine("Groups ..."); foreach (var group in id.Groups.Translate(typeof(NTAccount))) { System.Console.WriteLine(" " + group); } WindowsPrincipal principal = new WindowsPrincipal(id); var domainGroup = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, id.User.AccountDomainSid); System.Console.WriteLine("Domain Group ..."); System.Console.WriteLine("SID: " + domainGroup.AccountDomainSid); System.Console.WriteLine("Name: " + domainGroup.Translate(typeof(NTAccount))); System.Console.WriteLine("Is in Role: " + principal.IsInRole(domainGroup)); // Note that the windows principal is not set as the current thread principal. System.Console.WriteLine("Current Identity Name: " + ClaimsPrincipal.Current.Identity.Name); Thread.CurrentPrincipal = principal; System.Console.WriteLine("Current Identity Name: " + ClaimsPrincipal.Current.Identity.Name); }
static DiscretionaryAcl BuildAclFromConfig() { DiscretionaryAcl dacl = new DiscretionaryAcl(false, false, 1); string authorizationLocation = @"..\..\AuthorizationList.xml"; XPathDocument xpathDoc = new XPathDocument(authorizationLocation); XPathNavigator xpathNav = xpathDoc.CreateNavigator(); xpathNav = xpathNav.SelectSingleNode("remotingAuthorization"); if (xpathNav.HasChildren) { xpathNav.MoveToChild(XPathNodeType.Element); do { AccessControlType accessType = (AccessControlType)Enum.Parse(typeof(AccessControlType), xpathNav.Name); Console.WriteLine(xpathNav.Name); xpathNav.MoveToAttribute("users", xpathNav.NamespaceURI); Console.WriteLine(xpathNav.Name); Console.WriteLine(xpathNav.Value); NTAccount account = new NTAccount(xpathNav.Value); dacl.AddAccess( accessType, (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier)), -1, InheritanceFlags.None, PropagationFlags.None); xpathNav.MoveToParent(); } while (xpathNav.MoveToNext(XPathNodeType.Element)); } return(dacl); }
internal protected SecurityAccount(SecurityCache parent, IdentityReference ident) { NTAccount = ident as NTAccount; if (NTAccount != null) { Sid = (SecurityIdentifier)NTAccount.Translate(typeof(SecurityIdentifier)); IsMapped = true; } else { Sid = (SecurityIdentifier)ident; try { NTAccount = (NTAccount)Sid.Translate(typeof(NTAccount)); IsMapped = true; } catch { NTAccount = new NTAccount("unknown", Sid.Value); } } IsAccoundSid = Sid.IsAccountSid(); for (int i = 0; i < wellKnownTypes.Length; i++) { if (!Sid.IsWellKnown(wellKnownTypes[i])) { continue; } WellKnownSid = wellKnownTypes[i]; break; } IsGroup = IsMapped && isGroup(parent); }
private void BtnDeleteUsers_Click(object sender, EventArgs e) { if (MessageToUser("Czy chcesz usunąć użytkownika z komputera?", "Usuwanie użytkownika")) { if (MessageToUser("Czy jesteś pewien?", "Usuwanie użytkownika")) { var UserObj = ComboBoxUsers.SelectedItem.ToString(); var objSID = new NTAccount(UserObj); var keepData = true; if (PuzzelLibrary.Settings.Values.SaveUserData == false) { keepData = MessageToUser("Czy chcesz zachować dane?", "Usuwanie użytkownika"); } try { var objUser = objSID.Translate(typeof(SecurityIdentifier)); new PuzzelLibrary.QuickFix.DeleteUsers(_HostName).saveDeleteUserData(UserObj, keepData); } catch (IdentityNotMappedException) { new PuzzelLibrary.QuickFix.DeleteUsers(_HostName).saveDeleteUserData(UserObj, keepData); } } } }
public string GetSID(string userName) { var account = new NTAccount(null, userName); var securityIdentifier = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier)); return(securityIdentifier.ToString()); }
public void AddUser(string user) { NTAccount account = new NTAccount(user); SecurityIdentifier sid = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier)); AddSecurityIdentifier(sid); }
public string GetPathEnvironmentVariable(string domainName, string userName) { try { NTAccount f = new NTAccount(domainName, userName); SecurityIdentifier s = (SecurityIdentifier)f.Translate(typeof(SecurityIdentifier)); string sidString = s.ToString(); var regView = (Environment.Is64BitOperatingSystem ? RegistryView.Registry64 : RegistryView.Registry32); var baseKey = RegistryKey.OpenBaseKey(RegistryHive.Users, regView); var baseKeyPath = Path.Combine(sidString, "Environment"); var environmentKey = baseKey.OpenSubKey(baseKeyPath); var variableNames = environmentKey.GetValueNames(); string pathVariableVal = string.Empty; foreach (var varName in variableNames) { if (varName.ToLower().Equals("path")) { pathVariableVal = environmentKey.GetValue(varName).ToString(); break; } } return(pathVariableVal); } catch (Exception ex) { throw ex; } }
/// <summary> /// Remove Authorization Delegate /// </summary> private void RemoveDelegate() { // USER MUST BE A MEMBER OF SQL DATABASE ROLE: NetSqlAzMan_Users //Sql Storage connection string string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password"; //Create an instance of SqlAzManStorage class IAzManStorage storage = new SqlAzManStorage(sqlConnectionString); IAzManStore mystore = storage.GetStore("My Store"); //or storage["My Store"] IAzManApplication myapp = mystore.GetApplication("My Application"); IAzManItem myop = myapp.GetItem("My Operation"); //Retrieve current user identity (delegating user) WindowsIdentity userIdentity = ((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()); //for Windows Applications //WindowsIdentity userIdentity = this.Request.LogonUserIdentity; //for ASP.NET Applications //Retrieve delegate user Login NTAccount delegateUserLogin = new NTAccount("DOMAIN", "delegateuseraccount"); //Retrieve delegate user SID SecurityIdentifier delegateSID = (SecurityIdentifier)delegateUserLogin.Translate(typeof(SecurityIdentifier)); IAzManSid delegateNetSqlAzManSID = new SqlAzManSID(delegateSID); //Estabilish delegate authorization (only Allow or Deny) RestrictedAuthorizationType delegateAuthorization = RestrictedAuthorizationType.Allow; //Remove delegate and all custom attributes myop.DeleteDelegateAuthorization(userIdentity, delegateNetSqlAzManSID, delegateAuthorization); }
private static bool GetSID(string userAccount, out string sid) { bool ReturnValue = false; // Defaults sid = null; try { NTAccount Account; SecurityIdentifier SID; if (userAccount.Contains(@"\")) { userAccount = userAccount.Substring(userAccount.IndexOf(@"\") + 1); } Account = new NTAccount(userAccount); SID = (SecurityIdentifier)Account.Translate(typeof(SecurityIdentifier)); sid = SID.ToString(); ReturnValue = true; } catch (Exception) { ReturnValue = false; } return(ReturnValue); }
public static void ResetOwnershipAndRelinquishControl(String fileName) { // // at least, I think this is SDDL format // const String trustedInstallerSidSddl = @"S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464 "; NativeMethods.EnableProcessToken(NativeMethods.SePrivileges.TakeOwnership); NativeMethods.EnableProcessToken(NativeMethods.SePrivileges.Restore); FileInfo file = new FileInfo(fileName); // TrustedInstaller is the default owner of system files in Vista, this adds an additional layer of system protection // So you need to Take Ownership, then add permission for yourself to do whatever it is you're doing SecurityIdentifier builtinAdministratorsGroupSid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null); // SecurityIdentifier trustedInstallerSid = new SecurityIdentifier( trustedInstallerSidSddl ); NTAccount trustedInstallerServiceAccount = new NTAccount("NT Service\\TrustedInstaller"); SecurityIdentifier trustedInstallerSid = (SecurityIdentifier)trustedInstallerServiceAccount.Translate(typeof(SecurityIdentifier)); // Change Ownership FileSecurity ownerSec = file.GetAccessControl(AccessControlSections.Owner); ownerSec.SetOwner(trustedInstallerSid); file.SetAccessControl(ownerSec); // Reliquish Full Control FileSecurity aclSec = file.GetAccessControl(AccessControlSections.Access); aclSec.RemoveAccessRule(new FileSystemAccessRule(builtinAdministratorsGroupSid, FileSystemRights.FullControl, AccessControlType.Allow)); file.SetAccessControl(aclSec); }
public void Can_find_sid() { var account = new NTAccount(_testUser.Username); string sid = account.Translate(typeof(SecurityIdentifier)).Value; Console.Out.WriteLine("sid = {0}", sid); }
private static string GetNTAccountSecIdentifier() { NTAccount nTAccount = new NTAccount(WindowsIdentity.GetCurrent().Name); SecurityIdentifier securityIdentifier = (SecurityIdentifier)nTAccount.Translate(typeof(SecurityIdentifier)); return(securityIdentifier.ToString()); }
//load hives public static void loadUserRegistryHive(string username) { string wimHivePath = "C:\\Users\\" + username + "\\ntuser.dat"; try { NTAccount f = new NTAccount(username); SecurityIdentifier s = (SecurityIdentifier)f.Translate(typeof(SecurityIdentifier)); string sidString = s.ToString(); string[] loadedHives = Registry.Users.GetSubKeyNames(); bool foundUserName = false; foreach (string hiveName in loadedHives) { if (hiveName.Equals(sidString)) { foundUserName = true; } } if (!foundUserName) { string loadedHiveKey = RegistryInterop.Load(wimHivePath, sidString); Console.WriteLine("Key Loaded: {0}", loadedHiveKey); } } catch (Exception) { Console.WriteLine("Could not resolve sid for user: {0}", username); } }
private SecurityIdentifier GetDomainSid() { var administratorAcount = new NTAccount(this._ldapSettings.DomainName, "administrator"); var administratorSId = (SecurityIdentifier)administratorAcount.Translate(typeof(SecurityIdentifier)); return(administratorSId.AccountDomainSid); }
/// <summary> /// Gets the SID for the associated Windows user. /// </summary> /// <returns> /// The SID for the Windows user. /// </returns> private string GetSid() { // Verify that the username was provided if (string.IsNullOrEmpty(Name)) { return(string.Empty); } try { // Get the account for the username NTAccount account = new NTAccount(Name); // Try to get the security identifier for the username SecurityIdentifier identifier = (SecurityIdentifier)account.Translate( typeof(SecurityIdentifier)); // Return the string value of the identifier return(identifier.Value); } catch (IdentityNotMappedException) { // If the identity could not be mapped, just return an empty string return(string.Empty); } }
protected void btnUndelegate_Click(object sender, EventArgs e) { NTAccount delegatedNTAccount = new NTAccount("ProductManager1"); SecurityIdentifier delegatedSid = (SecurityIdentifier)delegatedNTAccount.Translate(typeof(SecurityIdentifier)); IAzManItem item = this.application["Controllo del Budget"]; item.DeleteDelegateAuthorization(this.identity, new SqlAzManSID(delegatedSid), RestrictedAuthorizationType.Allow); this.btnDelegateForBudgetCheck.Enabled = true; this.btnUndelegate.Enabled = false; }
protected void btnDelegateForBudgetCheck_Click(object sender, EventArgs e) { NTAccount delegatedNTAccount = new NTAccount("ProductManager1"); SecurityIdentifier delegatedSid = (SecurityIdentifier)delegatedNTAccount.Translate(typeof(SecurityIdentifier)); this.application.Store.Storage.OpenConnection(); this.application.Store.Storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted); IAzManAuthorization delegateAuthorization = this.application["Controllo del Budget"].CreateDelegateAuthorization(this.identity, new SqlAzManSID(delegatedSid), RestrictedAuthorizationType.Allow, null, null); delegateAuthorization.CreateAttribute("SomeBusinessAttribute", "Business profile data"); this.application.Store.Storage.CommitTransaction(); this.application.Store.Storage.CloseConnection(); this.btnDelegateForBudgetCheck.Enabled = false; this.btnUndelegate.Enabled = true; }
protected void Page_Load(object sender, EventArgs e) { IAzManStorage storage = new SqlAzManStorage(ConfigurationManager.ConnectionStrings["NetSqlAzManStorage"].ConnectionString); this.application = storage[ConfigurationManager.AppSettings["StoreName"]][ConfigurationManager.AppSettings["ApplicationName"]]; //Get user Identity this.identity = this.Request.LogonUserIdentity; this.lblIAM.Text = this.identity.Name; //Print DateTime this.lblDateTime.Text = DateTime.Now.ToString(); //Check Access on Items this.application.Store.Storage.OpenConnection(); this.btnBudgetCheck.Enabled = this.checkAccessHelper("Controllo del Budget"); this.btnCustomerRelationshipManagement.Enabled = this.checkAccessHelper("Relazioni con i Clienti"); this.btnConstraintCheck.Enabled = this.checkAccessHelper("Controllo dei Vincoli"); this.btnTimesheetCheck.Enabled = this.checkAccessHelper("Approvazione del TimeSheet"); this.btnTimesheetCompile.Enabled = this.checkAccessHelper("Compilazione del Timesheet"); this.btnDevelopment.Enabled = this.checkAccessHelper("Sviluppo"); //Can delegate ? NTAccount delegatedNTAccount = new NTAccount("ProductManager1"); SecurityIdentifier delegatedSid = (SecurityIdentifier)delegatedNTAccount.Translate(typeof(SecurityIdentifier)); bool canDelegate = this.checkAccessForDelegationHelper("Controllo del Budget"); bool alreadyDelegate = this.application["Controllo del Budget"].GetAuthorizations(new SqlAzManSID(this.identity.User), new SqlAzManSID(delegatedSid)).Length > 0; this.btnDelegateForBudgetCheck.Enabled = canDelegate && !alreadyDelegate; this.btnUndelegate.Enabled = canDelegate && alreadyDelegate; //Attributes IAzManAuthorization[] auths = this.application["Controllo del Budget"].GetAuthorizationsOfMember(new SqlAzManSID(this.identity.User)); string toolTip = String.Empty; foreach (IAzManAuthorization auth in auths) { IAzManAttribute<IAzManAuthorization>[] attribs = auth.GetAttributes(); foreach (IAzManAttribute<IAzManAuthorization> attrib in attribs) { toolTip += String.Format("{0} - {1}\r\n", attrib.Key, attrib.Value); } } this.btnBudgetCheck.ToolTip = toolTip; this.application.Store.Storage.CloseConnection(); }