I want to find out how the User.IsInRole function works with Windows Authentication. Does it only put them in one role, or is it somehow hierarchical?

For example I have a domain group called “GroupB” and this group is a member of “GroupA”, and another group called “GroupC” is a member of “GroupB”. If I call User.IsInRole(“GroupB”) for userA, userB, and userC, will it only return true for userB? And what about if the user is a domain admin, does IsInRole() always returne true or false?

I need this for cases where I want to make a group for external partners and I want make deciscions based upon this (like open internet explorer for internal users and special browser for external users, but if the internal user is the domain admin it would open a special browser if User.IsInRole always returns true for domain admins). I need to know exactly how this works for security reasons.

Thank you for helping. I’ve searched the internet, and haven’t been able to find any information about this.