You are viewing limited content. For full access, please sign in.

Question

Question

domain group

SDK
Updated May 23, 2016
asked on May 20, 2016

LFSO allows the following syntax to retrieve Windows Groups:

ILFSecuredDomainAccountCollection winUsers = (ILFSecuredDomainAccountCollection)db.SecuredDomainAccounts;
LFDomainAccount acct;

for (int i = 1; i <= winUsers.Count; i++)
{
	acct = (LFDomainAccount)winUsers.get_Item(i);
	if (!acct.IsDenied && !acct.IsUser)
	{
		GroupData newGroup = new GroupData();
		newGroup.name = acct.Name;
		newGroup.id = acct.SID.ToString();
		Array.Resize(ref groups, groups.Length + 1);
		groups[groups.Length - 1] = newGroup;
	}
}

I am trying to reproduce this behavior in RepositoryAccess, but only got this far and cannot determine if a  Windows trustee is a user or a group.

using (WindowsAccountReader winUsers = Trustee.EnumAllWindowsAccounts(session))
{
  foreach (TrusteeInfo acct in winUsers)
  {
    if (acct.TrusteeType == TrusteeType.WindowsAccount)
    {
      GroupData newGroup = new GroupData();
      newGroup.id = acct.Sid.ToString();
      try
      {
        System.Security.Principal.NTAccount ntAcct = (System.Security.Principal.NTAccount)acct.Sid.Translate(typeof(System.Security.Principal.NTAccount));
        newGroup.name = ntAcct.ToString();
        //if (!IsGroupAccount(ntAcct)) continue;  <---- Need method to determine if group.
      }
      catch (Exception)
      {
        newGroup.name = "";
        continue;
      }

      groupsList.Add(newGroup);
    }
  }

  winUsers.Close();
}

The Laserfiche Admin Console displays whether a Windows Account is a user or a group. Does the RepositoryAccess SDK have this feature or is there another recommended way to determine this? Thank you.

0 0

Answer

SELECTED ANSWER
replied on May 23, 2016

Use AccountReference.IsUser:

using (WindowsAccountReader winUsers = Trustee.EnumAllWindowsAccounts(session))
{
    foreach (TrusteeInfo acct in winUsers)
    {
        if (acct.TrusteeType == TrusteeType.WindowsAccount)
        {
            AccountReference account = new AccountReference(acct.Sid, session);
            if (!account.IsUser) // This calls LookupAccountSid internally to get the account info
            {
                // Add to the group list
            }
        }
    }
}

 

0 0

Replies

replied on May 23, 2016

Thanks, I hadn't found the AccountReference class, but it is also coming in handy for getting user information in another area I am working on.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...