Tulpep / Active-Directory-Object-Picker

The standard Active Directory object picker dialog for .NET

How to get user's SID?

win32nipuh opened this issue

I am testing the example code. But I do not see how to retrieve the SID of the selected user?

Sorry, no problem, it works fine.

For those who want to know how to solve this:

// Namespaces this snippet needs (DialogResult and the picker dialog)
using System.Windows.Forms;
using Tulpep.ActiveDirectoryObjectPicker;

using (var dialog = new DirectoryObjectPickerDialog())
{
    dialog.AllowedObjectTypes = ObjectTypes.Users;
    dialog.MultiSelect = false;
    dialog.AttributesToFetch.Add("objectSid");
    // LDAP has dozens of attributes, but almost all return null. In my experience objectSid is the only useful one.

    if (dialog.ShowDialog() == DialogResult.OK)
    {
        // FetchedAttributes contains attribute values from AttributesToFetch, in that order
        byte[] sidBytes = (byte[])dialog.SelectedObject.FetchedAttributes[0];

        // Now we can translate the SID to NT account (DOMAIN\user)
        var sid = new System.Security.Principal.SecurityIdentifier(sidBytes, 0);
        System.Security.Principal.NTAccount user = (System.Security.Principal.NTAccount)sid.Translate(typeof(System.Security.Principal.NTAccount));

        return user.Value;
    }
}
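
A more defensive form of the lookup above, as an added example that is not part of the original post or the project's own code: it checks the fetched value before casting, keeps the SID string as the stable identifier, and treats a failed name translation as non-fatal. `SidResolver` and `TryResolve` are hypothetical names; the argument is assumed to be the value read from `FetchedAttributes[0]`.

```csharp
using System;
using System.Security.Principal;

// Added example; SidResolver and TryResolve are hypothetical names.
public static class SidResolver
{
    // 'fetched' is the value read from FetchedAttributes[0] after requesting "objectSid".
    // Returns false when no usable SID was fetched. On success sidString is always set;
    // account stays null when the SID cannot be mapped to a name.
    public static bool TryResolve(object fetched, out string sidString, out string account)
    {
        sidString = null;
        account = null;

        // The attribute can come back null or as another type, so do not cast blindly.
        // A binary SID has an 8-byte header followed by 4 bytes per sub-authority.
        if (!(fetched is byte[] sidBytes) || sidBytes.Length < 8)
            return false;

        SecurityIdentifier sid;
        try
        {
            sid = new SecurityIdentifier(sidBytes, 0);
        }
        catch (ArgumentException)
        {
            return false; // bytes are not a well-formed binary SID
        }

        // The string form (S-1-5-21-...) survives account renames, so it is the value
        // to store or compare in access-control decisions, not DOMAIN\user.
        sidString = sid.Value;

        try
        {
            account = ((NTAccount)sid.Translate(typeof(NTAccount))).Value;
        }
        catch (IdentityNotMappedException)
        {
            // Valid SID with no resolvable name (deleted account, unreachable or
            // untrusted domain). Keep the SID and leave account null.
        }

        return true;
    }
}
```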