
With regards to WindowsPrincipal, are groups considered roles?


While looking at ways to perform role-based access control in a Winforms application, I came across some solutions using WindowsIdentity and WindowsPrincipal. It got me thinking about the differences between a group and a role, and there certainly are some answers (like this and this) that seem to indicate that they are different (although the former does say that "...Unfortunately, operating systems tend to blur the distinction, treating roles as groups.").

The WindowsPrincipal.IsInRole() method summary states:

"Determines whether the current principal belongs to the Windows user group with the specified name."

Does this then mean, that in this regard, Windows Groups are considered Roles?

There is some Windows Server documentation that talks about assigning Windows users or Groups to roles, but I'm not really familiar with that. Can someone confirm that the roles discussed in that link are what is being referred to in the WindowsPrincipal documentation?


Solution

  • The 'Assign a Windows User or Group to a Role' article is talking about the Windows Server Authorization Manager. The article says that you can add both users and groups to roles, so no, when it comes to Authorization Manager, roles are not the same as Windows groups.

    In the case of WindowsPrincipal.IsInRole(), the word "Role" is used simply because WindowsPrincipal implements ClaimsPrincipal, which implements IPrincipal and therefore is required to implement the IsInRole() method. So in the context of WindowsPrincipal, roles are the same as Windows groups.
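The following is an added example, not code from the original question or answer. It lists the group SIDs in the current user's token and runs each through `WindowsPrincipal.IsInRole()`, then performs the same membership check through the string, SID and `WindowsBuiltInRole` overloads. The class name is hypothetical, and `BUILTIN\Users` is used only because it exists on every Windows installation.

```csharp
using System;
using System.Security.Principal;

// Added example (Windows only): the "roles" WindowsPrincipal checks are
// the group SIDs carried in the user's access token.
internal static class GroupsAsRolesDemo   // hypothetical name
{
    private static void Main()
    {
        using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
        {
            var principal = new WindowsPrincipal(identity);
            Console.WriteLine("User: " + identity.Name);

            // identity.Groups exposes the token's groups as SIDs.
            foreach (IdentityReference group in identity.Groups)
            {
                var sid = (SecurityIdentifier)group;

                string name;
                try
                {
                    name = sid.Translate(typeof(NTAccount)).Value;
                }
                catch (IdentityNotMappedException)
                {
                    name = "(no account name for this SID)";
                }

                Console.WriteLine("{0,-48} {1,-40} IsInRole={2}",
                    sid.Value, name, principal.IsInRole(sid));
            }

            // Three overloads, one underlying question: is this group in the token?
            // The string form depends on the (localizable) group name; the SID and
            // enum forms do not, which makes them the safer choice in access checks.
            var usersSid = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);
            Console.WriteLine("By name : " + principal.IsInRole(@"BUILTIN\Users"));
            Console.WriteLine("By SID  : " + principal.IsInRole(usersSid));
            Console.WriteLine("By enum : " + principal.IsInRole(WindowsBuiltInRole.User));
        }
    }
}
```

Run it once from a normal process and once elevated: with UAC enabled, `IsInRole(WindowsBuiltInRole.Administrator)` returns false for an unelevated administrator, because the check is made against the filtered token rather than against directory membership.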