private IEnumerable <SecurityIdentifier> GetTokenGroups(SecurityIdentifier principalSid, SecurityIdentifier requestContext = null) { if (principalSid == null) { throw new ArgumentNullException(nameof(principalSid)); } if (requestContext == null || requestContext.IsEqualDomainSid(CurrentDomainSid)) { using (AuthorizationContext context = new AuthorizationContext(principalSid)) { return(context.GetTokenGroups().ToList()); // Force the enumeration now before the context goes out of scope } } else { string dnsDomain = discoveryServices.GetDomainNameDns(requestContext.AccountDomainSid); return(this.discoveryServices.Find2012DcAndExecuteWithRetry(dnsDomain, dc => { using (AuthorizationContext context = new AuthorizationContext(principalSid, dc)) { return context.GetTokenGroups().ToList(); // Force the enumeration now before the context goes out of scope } })); } }
public static IEnumerable <SecurityIdentifier> GetTokenGroups(SecurityIdentifier principalSid, SecurityIdentifier requestContext = null) { if (principalSid == null) { throw new ArgumentNullException(nameof(principalSid)); } string server; if (requestContext == null || requestContext.IsEqualDomainSid(NativeMethods.CurrentDomainSid)) { server = null; } else { string dnsDomain = NativeMethods.GetDnsDomainNameFromSid(requestContext.AccountDomainSid); server = NativeMethods.GetDomainControllerForDnsDomain(dnsDomain); } using AuthorizationContext context = new AuthorizationContext(principalSid, server); return(context.GetTokenGroups().ToList()); // Force the enumeration now before the context goes out of scope }