我正在编写一个应用程序,它聚合了几个不同服务器上的每个事件日志条目。我可以通过将MachineName传递给EventLog.GetEventLogs来获取事件日志。这通常会在某个阶段失败,因为用户不是该机器上的本地管理员,因此我想提前检查它并跳转到下一组服务器(如果是这种情况)
For Each svr As String In Servers
'TODO: check to see if they are a local administrator, else continue for
Dim logs As List(Of EventLog) = EventLog.GetEventLogs(svr).ToList
For Each log As EventLog In logs
LoadEachOSLogEntry(log)
Next
Next
大多数解决方案,例如here,只检查用户是否是当前正在执行的计算机上的管理员。
Dim user As WindowsIdentity = WindowsIdentity.GetCurrent()
Dim principal As New WindowsPrincipal(user)
Dim isAdmin As Boolean = principal.IsInRole(WindowsBuiltInRole.Administrator)
答案 0 :(得分:0)
我会分享一个部分解决方案,但我并不完全满意,所以如果有人有更好的东西,我会乐意接受他们的回答。
以下函数将返回用户属于任何计算机上的特定用户组(在我的情况下为"Administrators")。
Imports System.DirectoryServices.AccountManagement
Public Shared Function IsMemberOfGroup(userName As String, machineName As String, memberGroup as String) As Boolean
Dim isMember As Boolean = False
Using rootContext As New PrincipalContext(ContextType.Machine, machineName), _
grp As GroupPrincipal = GroupPrincipal.FindByIdentity(rootContext, memberGroup), _
usr As UserPrincipal = UserPrincipal.FindByIdentity(rootContext, IdentityType.SamAccountName, userName)
If grp IsNot Nothing AndAlso usr IsNot Nothing Then
' Check if the user is a member of the group.
isMember = grp.GetMembers(True).Contains(usr)
Else
isMember = False
End If
End Using
Return isMember
End Function
caviat是运行该方法的用户必须是管理员才能拥有PrincipalContext中此信息集的权限。我希望应用程序能够确定运行该应用程序的用户是否是管理员。
使这个超级有用的唯一方法是调用它并查看它是否出现“拒绝访问”,类似于已经建议的hometoast,但这仍然感觉不到超级“干净”