I cannot seem to be able to find that a certain user is a member of a DeployUsersProduction group. Here's what I have so far:

    [OperationBehavior(Impersonation = ImpersonationOption.Required)]
    public Modes GetDeployMode()
    {
        bool isProd = false;
        WindowsIdentity windowsIdentity = WindowsIdentity.GetCurrent();
        if (windowsIdentity == null || windowsIdentity.Groups == null) { return Modes.DUS; }
        foreach (IdentityReference identityReference in windowsIdentity.Groups)
        {
            try
            {
                var reference = identityReference;
                string group = reference.Translate(typeof (NTAccount)).Value.Trim();
                if (!String.Equals(group, "DeployUsersProduction", StringComparison.OrdinalIgnoreCase)) { continue; }
                isProd = true;
                break;
            }
            catch (Exception ex)
            {
                // Silent catch due to the [Some or all identity references could not be translated]
                // error that sometimes occurs while trying to map an identity.
            }
        }
        return isProd ? Modes.Prod : Modes.DUS;
    }

I've got all the config, SPN, DB, perms, etc. correct as far as I can tell. I just have one user that should be returning Modes.Prod and it's not.
The answer wasn't that my approach was wrong, it was the fact that I needed to prefix my group that I was searching for with its domain:
Special thanks to @DJ KRAZE for the links that led me to writing my own Console app that outputted the groups so I could figure this out!
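
An added example, not part of the original post: a console program that lists the current token's groups as SID plus translated name (translated names come back domain-qualified, which is why the bare group name never matched), then checks membership by SID instead of by string. `EXAMPLEDOMAIN` is a placeholder, since the post does not name the domain; resolving the one group to a SID also avoids translating every group in the token, which is where the "identity references could not be translated" error came from.

```csharp
using System;
using System.Security.Principal;

static class GroupCheck
{
    // Placeholder: the post does not name the domain.
    const string Domain = "EXAMPLEDOMAIN";
    const string Group = "DeployUsersProduction";

    // Resolve the group name to a SID once, then ask the token about that SID.
    static bool IsInGroup(WindowsIdentity identity, string domain, string group)
    {
        SecurityIdentifier groupSid;
        try
        {
            groupSid = (SecurityIdentifier)new NTAccount(domain, group)
                .Translate(typeof(SecurityIdentifier));
        }
        catch (IdentityNotMappedException)
        {
            // Group name could not be resolved: treat as "not a member".
            return false;
        }
        return new WindowsPrincipal(identity).IsInRole(groupSid);
    }

    static void Main()
    {
        using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
        {
            if (identity.Groups != null)
            {
                foreach (IdentityReference sid in identity.Groups)
                {
                    string name;
                    // Orphaned or unreachable SIDs fail translation; show them anyway.
                    try { name = sid.Translate(typeof(NTAccount)).Value; }
                    catch (IdentityNotMappedException) { name = "(unmapped)"; }
                    Console.WriteLine("{0}  {1}", sid.Value, name);
                }
            }
            Console.WriteLine("Member of {0}\\{1}: {2}",
                Domain, Group, IsInGroup(identity, Domain, Group));
        }
    }
}
```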