|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Getting the domain name of the current serversmart client connect to a remote database via IIS. There are certain functions that we only want the user to be able to access if they are members of a certain group on the server. When the application is deployed, the group will be a domain group, but for our developers the group is a local group on the development machines. To check the group membership, I am using the HttpContext.Current.User.IsInRole(groupName) where groupname is checked as System.Environment.MachineName & "\" & groupname and then as <domainName> & "\" & groupname My problem is how to get the domain name of the machine that is hosting the remoting. In our development environment, the domain of the development server is different from the domain the users are defined in, so we can't use the System.Environment.UserDomainName. Can anyone tell me how I can get the name of the domain that the remoting host is a member of? TIA Ron Lounsbury this is inelegant and I am sure that there is a better way, but...
why not just create a remotable object that returns this information to callers? there should also be a way to do this with Active Directory... Stand__Sure
Thanks for the response. That is essentially what I am trying to do, but I haven't been able to find a way to say "what domain is the server I am on a member of". Ron L Show quoteHide quote "stand__sure" <stand__s***@hotmail.com> wrote in message news:1118820390.614006.264100@g43g2000cwa.googlegroups.com... > this is inelegant and I am sure that there is a better way, but... > why not just create a remotable object that returns this information to > callers? > > there should also be a way to do this with Active Directory... > Hello Ron,
the UserDomain/UserDnsDomain environment variable contains this information. --------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.com Show quoteHide quote > Stand__Sure > Thanks for the response. That is essentially what I am trying to > do, > but I haven't been able to find a way to say "what domain is the > server I am > on a member of". > > Ron L > > "stand__sure" <stand__s***@hotmail.com> wrote in message > news:1118820390.614006.264100@g43g2000cwa.googlegroups.com... > >> this is inelegant and I am sure that there is a better way, but... >> why not just create a remotable object that returns this information >> to >> callers? >> there should also be a way to do this with Active Directory... >> Dominick
Thanks for the response. Won't this give me the domain that the user is in, not necessarily the domain that the system is in? My concern is that in the case where a users is a member of a trusted domain, the server's domain is where I would have the group I need to check for the user's membership, so I need to get the domain that the server is in to be able to check the user's group membership. Ron L Show quoteHide quote "Dominick Baier [DevelopMentor]" <dbaier@pleasepleasenospamdevelop.com> wrote in message news:486029632544619001099392@news.microsoft.com... > Hello Ron, > > the UserDomain/UserDnsDomain environment variable contains this > information. > > --------------------------------------- > Dominick Baier - DevelopMentor > http://www.leastprivilege.com > >> Stand__Sure >> Thanks for the response. That is essentially what I am trying to >> do, >> but I haven't been able to find a way to say "what domain is the >> server I am >> on a member of". >> >> Ron L >> >> "stand__sure" <stand__s***@hotmail.com> wrote in message >> news:1118820390.614006.264100@g43g2000cwa.googlegroups.com... >> >>> this is inelegant and I am sure that there is a better way, but... >>> why not just create a remotable object that returns this information >>> to >>> callers? >>> there should also be a way to do this with Active Directory... >>> > > > Have you solved this? I have the same problem except that my application can
be deployed to any computer. I need to determine, at runtime, whether to use a local group or a domain group to form the group name for IsInRole. -- Doug Van Vreede Doug
No, I haven't come up with anything. For the moment I am coding around it and moving on. If you find anything, I would be very interested. Ron L Show quoteHide quote "Doug V" <Do***@discussions.microsoft.com> wrote in message news:1B72552D-01D1-4212-9656-28EDA9ECD490@microsoft.com... > Have you solved this? I have the same problem except that my application > can > be deployed to any computer. I need to determine, at runtime, whether to > use > a local group or a domain group to form the group name for IsInRole. > -- > Doug Van Vreede > I resorted to using some Win32 code to call NetGetJoinInformation. That
gives me the computer's domain. I'm still trying both forms of group names (System.Environment.MachineName & <domainName>). I'd like a way to avoid that. -- Doug Van Vreede 
Other interesting topics
Appdomain.CreateDomain throws SecurityException
Help with CryptoStream and incomplete files... NTFS ACLs from C# (Whidbey) Using an updated or newer assembly? Password Hash Gives Different Results In C# And Classic ASP - Help !!! ASP.NET Authuntication & Authorization Sharing login across applications policy files and .Net Configuration tool? How to NOT use an IV for TripleDes encryption? signcode.exe prevent popup? (X509 SPC) |
|||||||||||||||||||||||
