1

我正在编写一个应用程序来聚合几个不同服务器中的每一个上的所有事件日志条目。MachineName我可以通过传入to来获取事件日志EventLog.GetEventLogs。如果用户不是该机器上的本地管理员,这通常会在某个阶段失败,所以我想提前检查一下,如果是这种情况,请跳到下一组服务器

For Each svr As String In Servers

    'TODO: check to see if they are a local administrator, else continue for

    Dim logs As List(Of EventLog) = EventLog.GetEventLogs(svr).ToList
    For Each log As EventLog In logs
        LoadEachOSLogEntry(log)
    Next
Next

大多数解决方案,比如这里的解决方案,只检查用户是否是当前执行机器上的管理员。

Dim user As WindowsIdentity = WindowsIdentity.GetCurrent()
Dim principal As New WindowsPrincipal(user)
Dim isAdmin As Boolean = principal.IsInRole(WindowsBuiltInRole.Administrator)
4

1 回答 1

0

这是一个尝试。

以下函数将返回用户是否属于"Administrators"任何机器上的特定用户组(在我的情况下)。

Imports System.DirectoryServices.AccountManagement

Public Shared Function IsMemberOfGroup(userName As String, machineName As String, memberGroup as String) As Boolean
    Dim isMember As Boolean = False
    Using rootContext As New PrincipalContext(ContextType.Machine, machineName), _
          grp As GroupPrincipal = GroupPrincipal.FindByIdentity(rootContext, memberGroup), _
          usr As UserPrincipal = UserPrincipal.FindByIdentity(rootContext, IdentityType.SamAccountName, userName)
        If grp IsNot Nothing AndAlso usr IsNot Nothing Then
            ' Check if the user is a member of the group.
            isMember = grp.GetMembers(True).Contains(usr)
        Else
            isMember = False
        End If
    End Using
    Return isMember
End Function

需要注意的是,运行该方法的用户必须是管理员才能拥有对PrincipalContext. 我希望该应用程序能够确定运行该应用程序的用户是否是管理员。

让这个超级有用的唯一方法是调用它,看看它是否提出了“拒绝访问”,类似于已经建议的hometoast,但这仍然感觉不是超级“干净”

于 2013-02-26T20:17:25.027 回答