Block Windows "Guest" account
-
Hi, I want to restrict users log on the computer from Windows "Guest" account from starting our application. Our application can be used on XP, Vista and Windows 7. What is wrong with this solution, I get SecurityException when testing from Win7 guest account, I have tried both PrincipalPermission(null, "Guests"); and PrincipalPermission(null, "Guest"); I have also tried to use PrincipalPermission(null, "Administrators"); and then I can use the application from Admin account but not from guest account. static void Main() { AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal); PrincipalPermission principalGuest = new PrincipalPermission(null, "Guest"); //Has also tested with "Guests" try { principalGuest.Demand(); } catch (SecurityException e) { //I only want to get this exception if the user is Windows account type "guest" } } Best regards Olof
-
Hi, I want to restrict users log on the computer from Windows "Guest" account from starting our application. Our application can be used on XP, Vista and Windows 7. What is wrong with this solution, I get SecurityException when testing from Win7 guest account, I have tried both PrincipalPermission(null, "Guests"); and PrincipalPermission(null, "Guest"); I have also tried to use PrincipalPermission(null, "Administrators"); and then I can use the application from Admin account but not from guest account. static void Main() { AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal); PrincipalPermission principalGuest = new PrincipalPermission(null, "Guest"); //Has also tested with "Guests" try { principalGuest.Demand(); } catch (SecurityException e) { //I only want to get this exception if the user is Windows account type "guest" } } Best regards Olof
have you tried?
WindowsIdentity wi = WindowsIdentity.GetCurrent(); WindowsPrincipal wp = new WindowsPrincipal(wi); if (wp.IsInRole(WindowsBuiltInRole.Guest)) return;Might need a bit more code but that should help
Architecture is extensible, code is minimal.
-
have you tried?
WindowsIdentity wi = WindowsIdentity.GetCurrent(); WindowsPrincipal wp = new WindowsPrincipal(wi); if (wp.IsInRole(WindowsBuiltInRole.Guest)) return;Might need a bit more code but that should help
Architecture is extensible, code is minimal.
Hi, thanks for your answer. With this solution I can block users that belong to the Windows Guest group. I want to block user with name guest. The guest account you can turn on/off on windows. I got an answer on another forum string username = Environment.UserName; if (username.ToLower() == "guest") Application.Exit(); One problem is that the application can be used on many different language OS, if we are using chinese OS do we have to translate "guest" to chinese before or is there another way to determine this? We can translate "guest" but it is easy if there is another way to solve it.
-
Hi, thanks for your answer. With this solution I can block users that belong to the Windows Guest group. I want to block user with name guest. The guest account you can turn on/off on windows. I got an answer on another forum string username = Environment.UserName; if (username.ToLower() == "guest") Application.Exit(); One problem is that the application can be used on many different language OS, if we are using chinese OS do we have to translate "guest" to chinese before or is there another way to determine this? We can translate "guest" but it is easy if there is another way to solve it.
You'll need to create globalization resource files. There are a number of articles [here] at CodeProject BTW: You'll be doing the support desk a favour if you add a MessageBox notifying "Guest" that they have insufficient permissions to use the application before exiting.
Architecture is extensible, code is minimal.