|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
How to retrieve the domain name for an AD user object?Hi, I'm using VS2003 C#, .net 2.0 running on Windows Server 2000.
I have a User's SID in SDDL format and also a DIRECTORYENTRY object representing this user object. How can I retrieve the name of the domain that this user object belongs to? -- Thanks. Probably the easiest way is create a SecurityIdentifier object and convert
it to an NTAccount with the Translate method. You could also get the prefix of the SID and query AD to find the domainDNS object that has that SID. Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- "Pucca" <Pu***@discussions.microsoft.com> wrote in message news:9E97300B-C2AC-460B-B8F6-5AFDBA8BC418@microsoft.com... > Hi, I'm using VS2003 C#, .net 2.0 running on Windows Server 2000. > > I have a User's SID in SDDL format and also a DIRECTORYENTRY object > representing this user object. How can I retrieve the name of the domain > that this user object belongs to? > -- > Thanks. Hi Joe,
This is what I got so far. I need to get the domain name in a string. How can I do that from here? thank you. //sid = S-1-5-21-1993962763-879983540-725345543-500 SecurityIdentifier sdSID = new SecurityIdentifier(sid); string domainSid = sdSID.AccountDomainSid.Value.ToString(); SecurityIdentifier domain = new SecurityIdentifier(domainSid); -- Show quoteHide quoteThanks. "Joe Kaplan" wrote: > Probably the easiest way is create a SecurityIdentifier object and convert > it to an NTAccount with the Translate method. You could also get the prefix > of the SID and query AD to find the domainDNS object that has that SID. > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services Programming" > http://www.directoryprogramming.net > -- > "Pucca" <Pu***@discussions.microsoft.com> wrote in message > news:9E97300B-C2AC-460B-B8F6-5AFDBA8BC418@microsoft.com... > > Hi, I'm using VS2003 C#, .net 2.0 running on Windows Server 2000. > > > > I have a User's SID in SDDL format and also a DIRECTORYENTRY object > > representing this user object. How can I retrieve the name of the domain > > that this user object belongs to? > > -- > > Thanks. > > > NTAccount account = domain.Translate(typeof(NTAccount));
Alternately, you could just translate the user SID and parse out the domain name. Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- "Pucca" <Pu***@discussions.microsoft.com> wrote in message news:B4416024-1E01-4507-A298-E421AD3764DF@microsoft.com... > Hi Joe, > > This is what I got so far. I need to get the domain name in a string. > How > can I do that from here? thank you. > > //sid = S-1-5-21-1993962763-879983540-725345543-500 > SecurityIdentifier sdSID = new SecurityIdentifier(sid); > string domainSid = sdSID.AccountDomainSid.Value.ToString(); > SecurityIdentifier domain = new SecurityIdentifier(domainSid); > > -- > Thanks. > > > "Joe Kaplan" wrote: > >> Probably the easiest way is create a SecurityIdentifier object and >> convert >> it to an NTAccount with the Translate method. You could also get the >> prefix >> of the SID and query AD to find the domainDNS object that has that SID. >> >> Joe K. >> >> -- >> Joe Kaplan-MS MVP Directory Services Programming >> Co-author of "The .NET Developer's Guide to Directory Services >> Programming" >> http://www.directoryprogramming.net >> -- >> "Pucca" <Pu***@discussions.microsoft.com> wrote in message >> news:9E97300B-C2AC-460B-B8F6-5AFDBA8BC418@microsoft.com... >> > Hi, I'm using VS2003 C#, .net 2.0 running on Windows Server 2000. >> > >> > I have a User's SID in SDDL format and also a DIRECTORYENTRY object >> > representing this user object. How can I retrieve the name of the >> > domain >> > that this user object belongs to? >> > -- >> > Thanks. >> >> >> Goody, that worked great! Thank you very much Joe.
-- Show quoteHide quoteThanks. "Joe Kaplan" wrote: > NTAccount account = domain.Translate(typeof(NTAccount)); > > Alternately, you could just translate the user SID and parse out the domain > name. > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services Programming" > http://www.directoryprogramming.net > -- > "Pucca" <Pu***@discussions.microsoft.com> wrote in message > news:B4416024-1E01-4507-A298-E421AD3764DF@microsoft.com... > > Hi Joe, > > > > This is what I got so far. I need to get the domain name in a string. > > How > > can I do that from here? thank you. > > > > //sid = S-1-5-21-1993962763-879983540-725345543-500 > > SecurityIdentifier sdSID = new SecurityIdentifier(sid); > > string domainSid = sdSID.AccountDomainSid.Value.ToString(); > > SecurityIdentifier domain = new SecurityIdentifier(domainSid); > > > > -- > > Thanks. > > > > > > "Joe Kaplan" wrote: > > > >> Probably the easiest way is create a SecurityIdentifier object and > >> convert > >> it to an NTAccount with the Translate method. You could also get the > >> prefix > >> of the SID and query AD to find the domainDNS object that has that SID. > >> > >> Joe K. > >> > >> -- > >> Joe Kaplan-MS MVP Directory Services Programming > >> Co-author of "The .NET Developer's Guide to Directory Services > >> Programming" > >> http://www.directoryprogramming.net > >> -- > >> "Pucca" <Pu***@discussions.microsoft.com> wrote in message > >> news:9E97300B-C2AC-460B-B8F6-5AFDBA8BC418@microsoft.com... > >> > Hi, I'm using VS2003 C#, .net 2.0 running on Windows Server 2000. > >> > > >> > I have a User's SID in SDDL format and also a DIRECTORYENTRY object > >> > representing this user object. How can I retrieve the name of the > >> > domain > >> > that this user object belongs to? > >> > -- > >> > Thanks. > >> > >> > >> > > > 
Other interesting topics
Impersonating when creating a process from inside a SQL Server Assembly
GetOwner and IdentityNotMappedException AES with SslStream token elevation Recognising user by their Network login SslStream and Certificates - Not Supported Exception. Role-based-Security... just switch it off Validate Signed XML against X.509 Certificate in .NET Validate Signed XML against X.509 Certificate in .NET ASP.NET Medium Trust Level, and passing mixed parameters to C# functions |
|||||||||||||||||||||||
