Login/Register
The best way to resolve display username by SID?
Asked Answered
Solved c#windowssid
R

2

13

I read a list of SIDs from the registry, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList.

How would one resolve the display username (e.g. DOMAIN\user, BUILT-IN\user) given the SID string in C#?

Recidivism answered 19/12, 2008 at 3:32 Comment(0)
W
11

The Win32 API function LookupAccountSid() is used to find the name that corresponds to a SID.

LookupAccountSid() has the following signature:

BOOL LookupAccountSid(LPCTSTR lpSystemName, PSID Sid,LPTSTR Name, LPDWORD cbName,
                       LPTSTR ReferencedDomainName, LPDWORD cbReferencedDomainName,
                       PSID_NAME_USE peUse);

MSDN Ref.

Here's the P/Invoke reference (with sample code): http://www.pinvoke.net/default.aspx/advapi32.LookupAccountSid

[DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError = true)]
static extern bool LookupAccountSid (
  string lpSystemName,
  [MarshalAs(UnmanagedType.LPArray)] byte[] Sid,
  StringBuilder lpName,
  ref uint cchName,
  StringBuilder ReferencedDomainName,
  ref uint cchReferencedDomainName,
  out SID_NAME_USE peUse);
Watteau answered 19/12, 2008 at 3:46 Comment(3)
Is there any other way to do it without using p/invoke in C#?Recidivism
@DennisC you can do it without P/Invoke. Please see my answer: #7593505Candelaria
@EriawanKusumawardhono I guess you may not read the questions very well. Because they are exactly opposite APIRecidivism
R
31

Just found it on the pinvoke.net.

Alternative Managed API: Available in .Net 2.0:

using System.Security.Principal;

// convert the user sid to a domain\name
string account = new SecurityIdentifier(stringSid).Translate(typeof(NTAccount)).ToString();
Recidivism answered 19/12, 2008 at 5:59 Comment(1)
This solution is not reliable in all situations. There are sometimes SIDs which cannot be translated and this will throw an exception. I've found LookupAccountSid() to be more reliable.Poser
W
11

The Win32 API function LookupAccountSid() is used to find the name that corresponds to a SID.

LookupAccountSid() has the following signature:

BOOL LookupAccountSid(LPCTSTR lpSystemName, PSID Sid,LPTSTR Name, LPDWORD cbName,
                       LPTSTR ReferencedDomainName, LPDWORD cbReferencedDomainName,
                       PSID_NAME_USE peUse);

MSDN Ref.

Here's the P/Invoke reference (with sample code): http://www.pinvoke.net/default.aspx/advapi32.LookupAccountSid

[DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError = true)]
static extern bool LookupAccountSid (
  string lpSystemName,
  [MarshalAs(UnmanagedType.LPArray)] byte[] Sid,
  StringBuilder lpName,
  ref uint cchName,
  StringBuilder ReferencedDomainName,
  ref uint cchReferencedDomainName,
  out SID_NAME_USE peUse);
Watteau answered 19/12, 2008 at 3:46 Comment(3)
Is there any other way to do it without using p/invoke in C#?Recidivism
@DennisC you can do it without P/Invoke. Please see my answer: #7593505Candelaria
@EriawanKusumawardhono I guess you may not read the questions very well. Because they are exactly opposite APIRecidivism

© 2022 - 2024 — McMap. All rights reserved.