user -> handle, handle -> user

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

David Thielen - 03 Dec 2004 19:55 GMT

Hi;

How in the .net environment can I get the current user handle? By the
current user handle I mean the unique ID for the user whereby if a user is
deleted, and a new user with the same name is created, it will now be a
different handle.

And how do I get from the handle to a username?

Signature

thanks - dave

Reply to this Message

Willy Denoyette [MVP] - 05 Dec 2004 17:43 GMT

> Hi;
>
[quoted text clipped - 4 lines]
>
> And how do I get from the handle to a username?

I guess you are looking for what's called an account SID.
Here's how you can retrieve the SID of a user account using
System.Management classes:

using System.Management;
...
// 1st arg. use local machine name or domain name.
// 2nd arg the user account name
GetAccountSid("domain", "username");
....

static void GetAccountSid(string domain, string name)
{
string accountSid;
string CIMObject =
String.Format("win32_systemaccount.domain='{0}',name='{1}'", domain, name);
Console.WriteLine(CIMObject);
using(ManagementObject mo = new ManagementObject(CIMObject))
{
mo.Get();
accountSid = mo["SID"].ToString();
Console.WriteLine(accountSid);
}
}

Reply to this Message

David Thielen - 05 Dec 2004 21:52 GMT

Hi;

Yes - that is it exactly.

Is there a way to get from SID to username? And what happens in that case if
the user has been deleted?

thanks - dave

> > Hi;
> >
[quoted text clipped - 29 lines]
> }
> }

Reply to this Message

David Thielen - 06 Dec 2004 21:49 GMT

Hi;

This didn't work. On my system Thread.CurrentPrincipal.Identity.Name ==
@"CORP\dthielen"

I tried:
GetAccountSid ("CORP", "dthielen");
GetAccountSid (@"\CORP", "dthielen");
GetAccountSid (@"\\CORP", "dthielen");
GetAccountSid ("CORP", @"\dthielen");
GetAccountSid ("CORP", @"CORP\dthielen");

any ideas?

thanks - dave

> > Hi;
> >
[quoted text clipped - 29 lines]
> }
> }

Reply to this Message

Willy Denoyette [MVP] - 07 Dec 2004 15:03 GMT

> Hi;
>
[quoted text clipped - 11 lines]
>
> thanks - dave

Sure, I suppose 'CORP' is the logon domain name of useraccount 'dthielen'.
In this case you to connect to the domain controller and use the
Win32_UserAccount class and you have.
Win32_SystemAccount and Win32_UserAccount are subclasses of Win32_Account.
The former only contains the default local system accounts
(localaccount==true), the second represents the non local accounts
(localaccount == false).

Here's a sample:

public static void Main() {
//Connect to the remote computer
ConnectionOptions co = new ConnectionOptions();
// specify credentials of a valid account with sufficient privileges to
query the root\cimv2 namespace
co.Username = "administrator";
co.Password = "somepasswd";
// Connect to the DC using above credentials
System.Management.ManagementScope ms = new
System.Management.ManagementScope(@"\\DCforCORP\root\cimv2", co);
GetAccountSid("CORP", "administrator", ms);

}
static void GetAccountSid(string domain, string name, ManagementScope ms )
{
string accountSid;
string CIMObject =
String.Format("win32_useraccount.domain='{0}',name='{1}'", domain, name);
Console.WriteLine(CIMObject);
using(ManagementObject mo = new ManagementObject(CIMObject))
{
mo.Scope=ms;
mo.Get();
accountSid = mo["SID"].ToString();
Console.WriteLine(accountSid);
}
}

Willy.

Reply to this Message

Willy Denoyette [MVP] - 07 Dec 2004 15:24 GMT

>> Hi;
>>
[quoted text clipped - 11 lines]
>>
>> thanks - dave

If you are running in an AD domain, and you are happy with a binary form of
the SID I would suggest you to use System.DirectoryServices classes, like
this:

// Get SID of administrator
using(DirectoryEntry user = new
DirectoryEntry("LDAP://Domain/CN=administrator,cn=users,DC=corp,DC=....,DC=....",
"CORP\\administrator", "hispwd", AuthenticationTypes.Secure))
{
foreach(byte b in user.Properties["objectSid"].Value as byte[])
{
Console.Write(b);
}
}

Willy.

Reply to this Message

user -> handle, handle -> user

Free Magazines