-1

I use .NET's Thread.CurrentPrincipal.IsInRole function to restrict access to certain areas of my Windows applications based on AD security groups. My company is migrating these apps to RemoteApp.

When I first tested these apps after setup, they would report errors indicating that I was not in the correct security group. After the RemoteApp admins changed settings (something about "pass-through" security), it started working. Now a second user with the same permissions as me is having the exact problem I originally had.

Does RemoteApp have issues syncing up the AD security group information? It has been several days since I added the user to the necessary groups.

Keith Walton
  • 4,849
  • 5
  • 35
  • 53
  • Reason for down vote please? – Keith Walton Dec 21 '17 at 22:56
  • Launching a RemoteApp creates a session for the user that entered the credentials, so all user information should be very similar as running locally. Can you check what user the app is running as (i.e.: check Thread.CurrentPrincipal.Identity)? – cdavid Dec 22 '17 at 08:26
  • @cdavid I already did this when I first encountered the issue. I created a debug version of my app with extensive reporting of anything security related. It showed my correct credentials, the correct group it should validate against, but it said I wasn't in that group. I also included the output of "net user..." which showed that I indeed was in that group. When running the exact same EXE logged in to the server it worked fine. – Keith Walton Dec 22 '17 at 16:59

1 Answers1

0

It turns out that Remote Desktop Connection Broker was caching credentials. A reboot solved the problem.

Keith Walton
  • 4,849
  • 5
  • 35
  • 53