WindowsBuiltInRole WindowsBuiltInRole WindowsBuiltInRole WindowsBuiltInRole Enum

定义

指定要与 IsInRole(String) 一起使用的公共角色。Specifies common roles to be used with IsInRole(String).

public enum class WindowsBuiltInRole
[System.Runtime.InteropServices.ComVisible(true)]
[System.Serializable]
public enum WindowsBuiltInRole
type WindowsBuiltInRole = 
Public Enum WindowsBuiltInRole
继承
WindowsBuiltInRoleWindowsBuiltInRoleWindowsBuiltInRoleWindowsBuiltInRole
属性

字段

AccountOperator AccountOperator AccountOperator AccountOperator 548

帐户操作员管理计算机或域中的用户帐户。Account operators manage the user accounts on a computer or domain.

Administrator Administrator Administrator Administrator 544

管理员具有对计算机或域的完全的无限制的访问权限。Administrators have complete and unrestricted access to the computer or domain.

BackupOperator BackupOperator BackupOperator BackupOperator 551

备份操作员仅在出于备份或还原文件目的时才可以重写安全限制。Backup operators can override security restrictions for the sole purpose of backing up or restoring files.

Guest Guest Guest Guest 546

来宾受到比用户更多的限制。Guests are more restricted than users.

PowerUser PowerUser PowerUser PowerUser 547

超级用户具有大部分管理员权限(但也受到某些限制)。Power users possess most administrative permissions with some restrictions. 因此,高级用户除了可以运行已验证过的应用程序外,还可以运行旧式应用程序。Thus, power users can run legacy applications, in addition to certified applications.

PrintOperator PrintOperator PrintOperator PrintOperator 550

打印操作员可以获得打印机的控制权。Print operators can take control of a printer.

Replicator Replicator Replicator Replicator 552

复制程序支持域中的文件复制。Replicators support file replication in a domain.

SystemOperator SystemOperator SystemOperator SystemOperator 549

系统操作员管理特定的计算机。System operators manage a particular computer.

User User User User 545

用户被阻止进行意外的或有意的系统级更改。Users are prevented from making accidental or intentional system-wide changes. 因此,用户可以运行已验证过的应用程序,但不能运行大部分旧式应用程序。Thus, users can run certified applications, but not most legacy applications.

示例

下面的示例演示如何使用WindowsBuiltInRole枚举。The following example shows the use of the WindowsBuiltInRole enumeration.

public:
   static void DemonstrateWindowsBuiltInRoleEnum()
   {
      AppDomain^ myDomain = Thread::GetDomain();

      myDomain->SetPrincipalPolicy( PrincipalPolicy::WindowsPrincipal );
      WindowsPrincipal^ myPrincipal = dynamic_cast<WindowsPrincipal^>(Thread::CurrentPrincipal);

      Console::WriteLine( "{0} belongs to: ", myPrincipal->Identity->Name );

      Array^ wbirFields = Enum::GetValues( WindowsBuiltInRole::typeid );

      for each ( Object^ roleName in wbirFields )
      {
         try
         {
            Console::WriteLine( "{0}? {1}.", roleName,
               myPrincipal->IsInRole(  *dynamic_cast<WindowsBuiltInRole^>(roleName) ) );
         }
         catch ( Exception^ ) 
         {
            Console::WriteLine( "{0}: Could not obtain role for this RID.",
               roleName );
         }
      }
   }
using System;
using System.Threading;
using System.Security.Permissions;
using System.Security.Principal;

class SecurityPrincipalDemo
{
    public static void DemonstrateWindowsBuiltInRoleEnum()
    {
        AppDomain myDomain = Thread.GetDomain();

        myDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
        WindowsPrincipal myPrincipal = (WindowsPrincipal)Thread.CurrentPrincipal;
        Console.WriteLine("{0} belongs to: ", myPrincipal.Identity.Name.ToString());
        Array wbirFields = Enum.GetValues(typeof(WindowsBuiltInRole));
        foreach (object roleName in wbirFields)
        {
            try
            {
                // Cast the role name to a RID represented by the WindowsBuildInRole value.
                Console.WriteLine("{0}? {1}.", roleName,
                    myPrincipal.IsInRole((WindowsBuiltInRole)roleName));
                Console.WriteLine("The RID for this role is: " + ((int)roleName).ToString());

            }
            catch (Exception)
            {
                Console.WriteLine("{0}: Could not obtain role for this RID.",
                    roleName);
            }
        }
        // Get the role using the string value of the role.
        Console.WriteLine("{0}? {1}.", "Administrators",
            myPrincipal.IsInRole("BUILTIN\\" + "Administrators"));
        Console.WriteLine("{0}? {1}.", "Users",
            myPrincipal.IsInRole("BUILTIN\\" + "Users"));
        // Get the role using the WindowsBuiltInRole enumeration value.
        Console.WriteLine("{0}? {1}.", WindowsBuiltInRole.Administrator,
           myPrincipal.IsInRole(WindowsBuiltInRole.Administrator));
        // Get the role using the WellKnownSidType.
        SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
        Console.WriteLine("WellKnownSidType BuiltinAdministratorsSid  {0}? {1}.", sid.Value, myPrincipal.IsInRole(sid));
    }

    public static void Main()
    {
        DemonstrateWindowsBuiltInRoleEnum();
    }
}
Imports System
Imports System.Threading
Imports System.Security.Permissions
Imports System.Security.Principal

Class SecurityPrincipalDemo

    Public Shared Sub DemonstrateWindowsBuiltInRoleEnum()
        Dim myDomain As AppDomain = Thread.GetDomain()

        myDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal)
        Dim myPrincipal As WindowsPrincipal = CType(Thread.CurrentPrincipal, WindowsPrincipal)
        Console.WriteLine("{0} belongs to: ", myPrincipal.Identity.Name.ToString())
        Dim wbirFields As Array = [Enum].GetValues(GetType(WindowsBuiltInRole))
        Dim roleName As Object
        For Each roleName In wbirFields
            Try
                ' Cast the role name to a RID represented by the WindowsBuildInRole value.
                Console.WriteLine("{0}? {1}.", roleName, myPrincipal.IsInRole(CType(roleName, WindowsBuiltInRole)))
                Console.WriteLine("The RID for this role is: " + Fix(roleName).ToString())

            Catch
                Console.WriteLine("{0}: Could not obtain role for this RID.", roleName)
            End Try
        Next roleName
        ' Get the role using the string value of the role.
        Console.WriteLine("{0}? {1}.", "Administrators", myPrincipal.IsInRole("BUILTIN\" + "Administrators"))
        Console.WriteLine("{0}? {1}.", "Users", myPrincipal.IsInRole("BUILTIN\" + "Users"))
        ' Get the role using the WindowsBuiltInRole enumeration value.
        Console.WriteLine("{0}? {1}.", WindowsBuiltInRole.Administrator, myPrincipal.IsInRole(WindowsBuiltInRole.Administrator))
        ' Get the role using the WellKnownSidType.
        Dim sid As New SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, Nothing)
        Console.WriteLine("WellKnownSidType BuiltinAdministratorsSid  {0}? {1}.", sid.Value, myPrincipal.IsInRole(sid))

    End Sub 'DemonstrateWindowsBuiltInRoleEnum

    Public Shared Sub Main()
        DemonstrateWindowsBuiltInRoleEnum()

    End Sub 'Main
End Class 'SecurityPrincipalDemo 

注解

这些角色代表大多数的 Windows NT、 Windows 2000 和 Windows XP 安装到常见的本地 Windows 组。These roles represent the local Windows groups common to most installations of Windows NT, Windows 2000 and Windows XP.

备注

在 Windows Vista 中,用户帐户控制 (UAC) 决定用户的特权。In Windows Vista, User Account Control (UAC) determines the privileges of a user. 如果您是内置的 Administrators 组的成员,将为您分配两个运行时访问令牌:一个标准用户访问令牌和一个管理员访问令牌。If you are a member of the Built-in Administrators group, you are assigned two run-time access tokens: a standard user access token and an administrator access token. 默认情况下,您拥有标准用户角色。By default, you are in the standard user role. 当您尝试执行需要管理权限的任务时,可以使用同意对话框中动态地提升你的角色。When you attempt to perform a task that requires administrative privileges, you can dynamically elevate your role by using the Consent dialog box. 执行的代码IsInRole方法不会显示同意对话框。The code that executes the IsInRole method does not display the Consent dialog box. 即使您是内置管理员组中,代码返回如果您拥有标准用户角色,则为 false。The code returns false if you are in the standard user role, even if you are in the Built-in Administrators group. 通过右键单击应用程序图标,指示你想要以管理员身份运行执行代码之前,您可以提升你的特权。You can elevate your privileges before you execute the code by right-clicking the application icon and indicating that you want to run as an administrator.

适用于