public static bool CheckForSidInToken(SecurityIdentifier principalSid, SecurityIdentifier sidToCheck, SecurityIdentifier requestContext = null)
{
if (principalSid == null)
{
throw new ArgumentNullException(nameof(principalSid));
}
if (sidToCheck == null)
{
throw new ArgumentNullException(nameof(sidToCheck));
}
if (principalSid == sidToCheck)
{
return(true);
}
string server;
if (requestContext == null || requestContext.IsEqualDomainSid(NativeMethods.CurrentDomainSid))
{
server = null;
}
else
{
string dnsDomain = NativeMethods.GetDnsDomainNameFromSid(requestContext.AccountDomainSid);
server = NativeMethods.GetDomainControllerForDnsDomain(dnsDomain);
}
using AuthorizationContext context = new AuthorizationContext(principalSid, server);
return(context.ContainsSid(sidToCheck));
}
private static bool GetServiceStatus()
{
using (AuthorizationContext c = new AuthorizationContext(WindowsIdentity.GetCurrent().AccessToken))
{
return(c.ContainsSid(new SecurityIdentifier("S-1-5-6")));
}
}
private bool CheckForSidInToken(SecurityIdentifier principalSid, SecurityIdentifier sidToCheck, SecurityIdentifier requestContext = null)
{
if (principalSid == null)
{
throw new ArgumentNullException(nameof(principalSid));
}
if (sidToCheck == null)
{
throw new ArgumentNullException(nameof(sidToCheck));
}
if (principalSid == sidToCheck)
{
return(true);
}
if (requestContext == null || requestContext.IsEqualDomainSid(CurrentDomainSid))
{
using (AuthorizationContext context = new AuthorizationContext(principalSid))
{
return(context.ContainsSid(sidToCheck));
}
}
else
{
string dnsDomain = discoveryServices.GetDomainNameDns(requestContext.AccountDomainSid);
return(this.discoveryServices.Find2012DcAndExecuteWithRetry(dnsDomain, dc =>
{
using (AuthorizationContext context = new AuthorizationContext(principalSid, dc))
{
return context.ContainsSid(sidToCheck);
}
}));
}
}
