Re: Getting User Information from a SID

From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 07/21/05


Date: Thu, 21 Jul 2005 11:38:33 -0500

Beta 2 came with an MSDN distro that has docs for the new functions. I'm
not sure if the samples are up to snuff yet, but you could start there.

If you can get by with the SecurityIdentifier and NTAccount classes for what
you need, then by all means use them. Messing with LDAP is best avoided if
there is a more simple approach available.

If you need to get more attributes out of AD than what those classes
support, you'll still need to do the LDAP stuff to look it up though.

Joe K.

<martinpare258@community.nospam> wrote in message
news:O$pDD6gjFHA.3144@TK2MSFTNGP12.phx.gbl...
>I am impressed! It works.
> Thank you!
>
> Where can I read more about these fun .Net classes? I am used to doing
> things using the Win32 API.
>
> Thank you again!
>
> -Martin
> "Dominick Baier [DevelopMentor]" <dbaier@pleasepleasenospamdevelop.com>
> wrote in message news:623658632574972368359280@news.microsoft.com...
>> Hello martinpare258@community.nospam,
>>
>> is that 2.0 code? if yes..
>>
>> does
>> NTAccount acc = (NTAccount)sec.Translate(typeof(NTAccount));
>> string account = acc.Value;
>>
>> work for you?
>>
>>
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>
>>> Hi,
>>> I have to get some user information based on his SID.
>>> I have tried the code below, and it somewhat works. The adUser
>>> contains some information but most of it returns a COMException.
>>>
>>> I am mostly interested in the Name property, and in this case it
>>> returns
>>> "<SID=0105000000000005150000005F13F2099152550794696F4D610C0000>"
>>>
>>> Is there anyone out there with an idea? please!! :-)
>>>
>>> Regards
>>> Martin
>>> staffMemberSid = "S-1-5-21-166859615-123032209-1299147156-3169";
>>> // Get the hex form of the SID
>>>
>>> SecurityIdentifier sec = new SecurityIdentifier ( staffMemberSid );
>>>
>>> byte [ ] binarySID = new byte [ sec.BinaryLength ];
>>>
>>> sec.GetBinaryForm ( binarySID, 0 );
>>>
>>> string hexSid = "";
>>>
>>> foreach ( byte aByte in binarySID )
>>>
>>> {
>>>
>>> hexSid += aByte.ToString ( "X2" );
>>>
>>> }
>>>
>>> // Create the LDAP string to addres the user based on his fully
>>> qualified user name.
>>>
>>> string ldapPath = "LDAP://<SID=" + hexSid + ">";
>>>
>>> // Get the object from the directory
>>>
>>> DirectoryEntry directoryEntry = new
>>> System.DirectoryServices.DirectoryEntry ( ldapPath);
>>>
>>> // Cast the directory entry into a directory user.
>>>
>>> ActiveDs.IADsUser adUser = ( IADsUser ) directoryEntry.NativeObject;
>>>
>>> adUser.GetInfo ( );
>>>
>>
>>
>>
>
>