Determines whether the current principal belongs to the Windows user group with the specified relative identifier (RID).
Syntax
Parameters
- rid
Returns
true if the current principal is a member of the specified Windows user group, that is, in a particular role; otherwise, false.
Remarks
When testing for newly created role information, such as a new user or a new group, it is important to log out and log in to force the propagation of role information within the domain. Not doing so can cause the erload:System.Security.Principal.WindowsPrincipal.IsInRole test to return false. This method is not supported on Windows 98 or Windows Millennium Edition.
For performance reasons, the WindowsPrincipal.IsInRole(SecurityIdentifier) overload is recommended as the preferable overload for determining the user's role.
In Windows Vista, User Account Control (UAC) determines the privileges of a user. If you are a member of the Built-in Administrators group, you are assigned two run-time access tokens: a standard user access token and an administrator access token. By default, you are in the standard user role. When you attempt to perform a task that requires administrative privileges, you can dynamically elevate your role by using the Consent dialog box. The code that executes the erload:System.Security.Principal.WindowsPrincipal.IsInRole method does not display the Consent dialog box. The code returns false if you are in the standard user role, even if you are in the Built-in Administrators group. You can elevate your privileges before you execute the code by right-clicking the application icon and indicating that you want to run as an administrator.
Relative identifiers (RIDs) are components of a Windows user group's security identifier (SID) and are supported to help prevent cross-platform localization issues. Many user accounts, local groups, and global groups have a default RID value that is constant across all versions of Windows.
For example, the RID for the BUILTIN\Administrators role is 0x220. Using 0x220 as the input parameter for the WindowsPrincipal.IsInRole(SecurityIdentifier) method results in true being returned if the current principal is an administrator.
The following tables list the default RID values.
| DOMAINNAME\Administrator |
0x1F4 |
| DOMAINNAME\Guest |
0x1F5 |
| DOMAINNAME\Domain Admins |
0x200 |
| DOMAINNAME\Domain Users |
0x201 |
| DOMAINNAME\Domain Guests |
0x202 |
| BUILTIN\Administrators |
0x220 |
| BUILTIN\Users |
0x221 |
| BUILTIN\Guests |
0x222 |
| BUILTIN\Account Operators |
0x224 |
| BUILTIN\Server Operators |
0x225 |
| BUILTIN\Print Operators |
0x226 |
| BUILTIN\Backup Operators |
0x227 |
| BUILTIN\Replicator |
0x228 |
Requirements
Assembly: mscorlib (in mscorlib.dll)
Assembly Versions: 1.0.5000.0, 2.0.0.0, 4.0.0.0