VB.NET - How to see if Current User's Group Name matches a specified Group Name using Active Directory Roles and SID's
-
28-10-2019 - |
سؤال
I'm trying to match up a specific group name and see if it exists for the currently logged in user using Active Directory roles. If the Group Name exists for the Current User, I want that group name to be displayed in a drop down list. Example: If current user is in BIG Group, display BIG in drop down list.
Problem: All I am getting is SIDs and I'm not able to get anything to match up to the group name and nothing will show up in the drop down list.
I also get the following Error:
Error: Object variable or WIth block variable not set.
How do I fix this??
here is the code I am using:
Private Sub GetMarketingCompanies()
' code to populate marketing company drop down list based on the current logged in users active directory group that
' corresponds to which marketing company they are in
Dim irc As IdentityReferenceCollection
Dim ir As IdentityReference
irc = WindowsIdentity.GetCurrent().Groups
Dim strGroupName As String
For Each ir In irc
' Dim mktGroup As IdentityReference = ir.Translate(GetType(NTAccount))
MsgBox(mktGroup.Value)
Debug.WriteLine(mktGroup.Value)
strGroupName = mktGroup.Value.ToString
Next
For Each UserGroup In WindowsIdentity.GetCurrent().Groups
If mktGroup.Value = "BIG" Then
Dim Company = ac1.Cast(Of MarketingCompany).Where(Function(ac) ac.MarketingCompanyShort = "BIG").FirstOrDefault
If Company IsNot Nothing Then
marketingCo.Items.Add(String.Format("{0} | {1}", Company.MarketingCompanyShort, Company.MarketingCompanyName))
End If
End If
Next
Thanks for looking! Any helpful answers will be up-voted!
المحلول 3
I ended up doing the following to fix the code:
- deleting the the For loop that calls UserGroup In WindowsIdentity.GetCurrent().Groups
- putting all the code under the For Each Loop that calls IdentityReference In IdentityReferenceCollection
- adding mcisloaded boolean variable to make the admin, not admin if statements work
- disabling MsgBox(mktGroup.Value) as this was just for trial and error to see what values were getting returned
Here's the code:
Private Sub GetMarketingCompanies()
Try
Dim ac1 As Array
ac1 = proxy.GetMarketingCompanyNames("test", "test")
' code to populate marketing company drop down list based on the current logged in users active directory group that
' corresponds to which marketing company they are in
Dim irc As IdentityReferenceCollection
Dim ir As IdentityReference
irc = WindowsIdentity.GetCurrent().Groups
Dim strGroupName As String
Dim mcisloaded As Boolean
' Translate the current user's active directory groups
For Each ir In irc
Dim mktGroup As IdentityReference = ir.Translate(GetType(NTAccount))
' MsgBox(mktGroup.Value)
Debug.WriteLine(mktGroup.Value)
strGroupName = mktGroup.Value.ToString
' If the user is in the admin group, load all marketing companies
If mktGroup.Value = "ALG\ACOMP_USER_ADMIN" Then
mcisloaded = True
For Each item In ac1
marketingCo.Items.Add(String.Format("{0} | {1}", item.MarketingCompanyShort, item.MarketingCompanyName))
Next
End If
'If the user is not in the admin group, load marketing companies individually
If Not mktGroup.Value = "ALG\ACOMP_USER_ADMIN" Then
mcisloaded = False
If mcisloaded = False Then
If mktGroup.Value = "ALG\ACOMP_USER_BIG" Then
Dim Company = ac1.Cast(Of MarketingCompany).Where(Function(ac) ac.MarketingCompanyShort = "BIG").FirstOrDefault
If Company IsNot Nothing Then
marketingCo.Items.Add(String.Format("{0} | {1}", Company.MarketingCompanyShort, Company.MarketingCompanyName))
End If
End If
If mktGroup.Value = "ALG\ACOMP_USER_AMG" Then
Dim Company = ac1.Cast(Of MarketingCompany).Where(Function(ac) ac.MarketingCompanyShort = "AMG").FirstOrDefault
If Company IsNot Nothing Then
marketingCo.Items.Add(String.Format("{0} | {1}", Company.MarketingCompanyShort, Company.MarketingCompanyName))
End If
End If
' ... Code for loading the rest of the marketing groups
End If
End If
Update 6-7-11: Here's a cleaner version of cycling through all the active directory group names by using a string splitter to get the last 3 letters that identifies the marketing company, instead of a series of if statements for each marketing company:
Private Sub GetMarketingCompanies()
Try
Dim marketingCompanyNamesArray As Array
marketingCompanyNamesArray = proxy.GetMarketingCompanyNames("test", "test")
' code to populate marketing company drop down list based on the current logged in users active directory group that
' corresponds to which marketing company they are in
Dim identityReferenceCollection As IdentityReferenceCollection
Dim identityReference As IdentityReference
identityReferenceCollection = WindowsIdentity.GetCurrent().Groups
Dim strGroupName As String
Dim mcisloaded As Boolean
' Translate the current user's active directory groups
For Each identityReference In identityReferenceCollection
Dim mktGroup As IdentityReference = identityReference.Translate(GetType(NTAccount))
' MsgBox(mktGroup.Value)
' Debug.WriteLine(mktGroup.Value)
strGroupName = mktGroup.Value.ToString
' Locally User group is ALG\ACOMP_USER_ADMIN , deployed ALGWEB\ACOMP_USER_ADMIN
' If the user is in the admin group, load all marketing companies
If mktGroup.Value = "ALG\ACOMP_USER_ADMIN" Then
mcisloaded = True
For Each item In marketingCompanyNamesArray
marketingCo.Items.Add(String.Format("{0} | {1}", item.MarketingCompanyShort, item.MarketingCompanyName))
Next
Else
'If not admin user (mcisloaded = False) load each group individually if it appears in AD
' For Each UserGroup In WindowsIdentity.GetCurrent().Groups that begins with ALG\ACOMP_USER, load marketing companies
Dim MarketingCompanyShortName As String = ""
Dim mktGroupName As String = mktGroup.Value
If mktGroupName.StartsWith("ALG\ACOMP_USER") Then
Dim marketingGroupNameParts() As String = Split(mktGroupName, "_")
'Load MarketingCompanyShortName from the end of marketingGroupNameParts - example: ACOMP_USER_BIG
MarketingCompanyShortName = marketingGroupNameParts(2)
'If MarketingCompanyShortName exists, load it into the dropdownlist
Dim Company = marketingCompanyNamesArray.Cast(Of MarketingCompany).Where(Function(ac) ac.MarketingCompanyShort = MarketingCompanyShortName).FirstOrDefault
If Company IsNot Nothing Then
marketingCo.Items.Add(String.Format("{0} | {1}", Company.MarketingCompanyShort, Company.MarketingCompanyName))
End If
End If
End If
نصائح أخرى
I'm not sure what you are referring to by roles but the following will list the current users groups (both local and domain):
For Each ir As IdentityReference In WindowsIdentity.GetCurrent.Groups
Debug.WriteLine(CType(ir.Translate(GetType(NTAccount)), NTAccount).Value)
Next
In response to your answer - Strikes me that if this is what you want to do the following is probably more efficient and easier to read:
Dim p As WindowsPrincipal = New WindowsPrincipal(WindowsIdentity.GetCurrent())
If p.IsInRole("ALG\ACOMP_USER_ADMIN") Then
'load all groups
ElseIf p.IsInRole("ALG\ACOMP_USER_BIG") Then
'load BIG groups
ElseIf p.IsInRole("ALG\ACOMP_USER_AMG") Then
'load AMG groups
'etc
End If