Hi Son,
I believe you mean User Group or User Role. All that stuff is in System.Security.Principal
You can get a WindowsIdentity from the user running the code with
WindowsIdentity wi = WindowsIdentity.GetCurrent();
Then you can get all roles for that identity by using Type.InvokeMember, cleverly demonstrated by Joe Kaplan and translated to C# by Chris Taylor
http://dotnetjunkies.com/WebLog/chris.taylor/archive/2004/02/25/7945.aspx
public static string[] GetWindowsIdentityRoles( WindowsIdentity identity )
{
object result = typeof(WindowsIdentity).InvokeMember( "_GetRoles",
BindingFlags.Static | BindingFlags.InvokeMethod | BindingFlags.NonPublic,
null, identity, new object[]{identity.Token}, null );
return (string[])result;
}
You can also test if a user is a member of a specific role like BUILTIN\Administrators
WindowsPrincipal wp = new WindowsPrincipal(wi); // wi = WindowsIdentity.GetCurrent()
if(wp.IsInRole("BUILTIN\\Administrators"))
// someone with administrator rights
