I have two questions.
1) How do I know if a 'user account' is exists on my windows OS (vista)? I need this information of a stand alone machine. I mean, the machine doesn't joined to any domain.
2) also I want to know whether a user is a part of a group? for eg. is a user 'admin' part of administrator group or not?
could anyone pls help..
You might want to check out this forum post. It will give you the enumerated list via WMI of the users on the machine. You could then check to see if your account is there. The forum links to a article on code project as well. I believe you can get group membership through WMI as well but I could be wrong.
You can work out if a local account exists through the System.Security.Principal namespace using the following code.
bool AccountExists(string name)
{
bool bRet = false;
try
{
NTAccount acct = new NTAccount(name);
SecurityIdentifier id = (SecurityIdentifier)acct.Translate(typeof(SecurityIdentifier));
bRet = id.IsAccountSid();
}
catch (IdentityNotMappedException)
{
/* Invalid user account */
}
return bRet;
}
Now getting group membership is slightly harder, you can easily do it for the current user using the WindowsPrinciple.IsInRole method (creating a principle from the WindowsIdentify.GetCurrent() method).
As pointed out I don't think there is a way of getting anything else without resorting to pinvoke or WMI. So here is a bit of code to check group membership with WMI.
bool IsUserInGroup(string name, string group)
{
bool bRet = false;
ObjectQuery query = new ObjectQuery(String.Format("SELECT * FROM Win32_UserAccount WHERE Name='{0}' AND LocalAccount=True", name));
ManagementObjectSearcher searcher = new ManagementObjectSearcher(query);
ManagementObjectCollection objs = searcher.Get();
foreach (ManagementObject o in objs)
{
ManagementObjectCollection coll = o.GetRelated("Win32_Group");
foreach (ManagementObject g in coll)
{
bool local = (bool)g["LocalAccount"];
string groupName = (string)g["Name"];
if (local && groupName.Equals(group, StringComparison.InvariantCultureIgnoreCase))
{
bRet = true;
break;
}
}
}
return bRet;
}
I have tried the following code and is working fine for me..
public bool IsUserMemberOfGroup(string userName, string groupName)
{
bool ret = false;
try
{
DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName);
DirectoryEntry userGroup = localMachine.Children.Find(groupName, "group");
object members = userGroup.Invoke("members", null);
foreach (object groupMember in (IEnumerable)members)
{
DirectoryEntry member = new DirectoryEntry(groupMember);
if (member.Name.Equals(userName, StringComparison.CurrentCultureIgnoreCase))
{
ret = true;
break;
}
}
}
catch (Exception ex)
{
ret = false;
}
return ret;
}