[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

vb.net and checking for local admin rights

Posted on 2014-12-10
4
Medium Priority
?
104 Views
Last Modified: 2014-12-17
I have a button click which checks to see if a domain user is a member of the local admin group on a workstation.  It works when i supply a local workstation username, but when i supply a domain account, it tells me everytime theyre not apart of the admin group when theyre:

  Public Shared Function IsMemberOfGroup(userName As String, machineName As String, memberGroup As String) As Boolean
        Dim isMember As Boolean = False
        Using rootContext As New PrincipalContext(ContextType.Machine, machineName), _
              grp As GroupPrincipal = GroupPrincipal.FindByIdentity(rootContext, memberGroup), _
              usr As UserPrincipal = UserPrincipal.FindByIdentity(rootContext, IdentityType.SamAccountName, userName)
            If grp IsNot Nothing AndAlso usr IsNot Nothing Then
                ' Check if the user is a member of the group.
                isMember = grp.GetMembers(True).Contains(usr)
            Else
                isMember = False
            End If
        End Using
        Return isMember
    End Function

    Private Sub Button15_Click_1(sender As Object, e As EventArgs) Handles Button15.Click
        Dim str As String = tbUser.Text
        str = str.Remove(0, 5)
        Dim localusrname As String = str
        If IsMemberOfGroup(localusrname, TextBox1.Text, "administrators") Then
            tbadmin.Text = "Admin rights granted to " & tbUser.Text & " on Workstation: " & TextBox1.Text & " and Primary User has been updated in the local Registry."
        Else
            tbadmin.Text = "Admin rights have not been updated yet for " & tbUser.Text & " on Workstation: " & TextBox1.Text & "." & " Make sure you run the Fix Admin Rights tool first!" & " If you have, please verify it is successful and the user has access to the correct group, then reboot and re-check."
        End If
    End Sub

Open in new window

0
Comment
Question by:derek7467
  • 3
4 Comments
 
LVL 25

Expert Comment

by:chaau
ID: 40492667
For the group you need to use GroupPrincipal.FindByIdentity method:
Public Shared Function IsGroupMemberOfGroup(group As String, machineName As String, memberGroup As String) As Boolean
        Dim isMember As Boolean = False
        Using rootContext As New PrincipalContext(ContextType.Machine, machineName), _
              grp As GroupPrincipal = GroupPrincipal.FindByIdentity(rootContext, memberGroup), _
              grp1 As GroupPrincipal = GroupPrincipal.FindByIdentity(rootContext, IdentityType.SamAccountName, group)
            If grp IsNot Nothing AndAlso usr IsNot Nothing Then
                ' Check if the user is a member of the group.
                isMember = grp.GetMembers(True).Contains(grp1)
            Else
                isMember = False
            End If
        End Using
        Return isMember
    End Function

Open in new window

0
 

Author Comment

by:derek7467
ID: 40496027
Why is there a group and a membergroup?  Where do i define who the user is im searching for?
0
 

Accepted Solution

by:
derek7467 earned 0 total points
ID: 40496335
0
 

Author Closing Comment

by:derek7467
ID: 40504366
the info found on the link i provided resolved my issue
0

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wouldn’t it be nice if you could test whether an element is contained in an array by using a Contains method just like the one available on List objects? Wouldn’t it be good if you could write code like this? (CODE) In .NET 3.5, this is possible…
The PowerShell Core 6.0 of .NET release is just the beginning. The upcoming PowerShell Core 6.1 would have artificial intelligence and internet of things capabilities. So many things to look forward to in the upcoming release.
Hi, this video explains a free download that you can incorporate into your Access databases, or use stand-alone for contact management. Contacts -- Names, Addresses, Phone Numbers, eMail Addresses, Websites, Lists, Projects, Notes, Attachments…
Get the source code for a fully functional Access application shell with several popular security features that Access VBA application developers desire, but find difficult or impossible to figure out how to code. You get the source code for managi…
Suggested Courses
Course of the Month9 days, 21 hours left to enroll

591 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question