Convert Object Name to SID and vice versa

7 May 2004
Tool to convert SIDs to object name and vice versa.


Introduction

The aim is to create an application that retrieves the name of an object (e.g., a username) and its domain name when the SID of the object is available. The SID has to be in the "S-1-5-21-39…" format.

The application can also fetch the SID of an object if the name of the object (e.g., a username) and the system name are available.

This application also works in a domain environment, where the object name should be given as "Domainname\objectname". If the system name is not available, the local system is used to fetch the information.

This application was particularly useful when I was trying to understand the Ethereal packets, and also to know in which user context the requests were being made from a CIFS client.

This is a simple MFC-based .NET application. The application is built on two simple functions:

  • FetchUserName: This function gets the object name and the domain name, provided the SID and the system name are available. If the system name is not available, the lookup is performed on the local machine. The system name can be a domain-wide name and can be in the format Domainname\SystemName.

    Code snippet:

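    #include <windows.h>
    #include <stdlib.h>

    BOOL FetchUserName(LPTSTR strtext, LPTSTR lpSystemName,
                       LPTSTR *lpUserName, LPTSTR *lpDomainName)
    {
        DWORD usernameLength = 0, domainnameLength = 0;
        SID_NAME_USE snu;
        BOOL RetBln = FALSE;

        // Convert the string SID to a binary SID structure
        // (GetBinarySid is assumed here to return NULL on failure)
        PSID Sid = GetBinarySid(strtext);
        if (Sid == NULL)
            return FALSE;

        // A first call with NULL buffers only reports the required
        // lengths, in TCHARs including the terminating null
        LookupAccountSid(lpSystemName, Sid, NULL, &usernameLength,
                         NULL, &domainnameLength, &snu);
        if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
            return FALSE;
        *lpUserName = (LPTSTR) calloc(usernameLength, sizeof(TCHAR));
        *lpDomainName = (LPTSTR) calloc(domainnameLength, sizeof(TCHAR));

        // Get the name of the object for the given SID structure
        if (*lpUserName && *lpDomainName)
            RetBln = LookupAccountSid(lpSystemName, Sid,
                                      *lpUserName, &usernameLength,
                                      *lpDomainName, &domainnameLength,
                                      &snu);
        // The caller releases *lpUserName and *lpDomainName with free()
        return RetBln;
    }
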
  • FetchSID: This function gets the object SID in text format and the domain name, provided the object name and the system name are available. If the system name is not available, the SID is looked up on the local machine. The system name can be a domain-wide name and can be in the format Domainname\SystemName.

    Code snippet:

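    #include <windows.h>
    #include <stdlib.h>
    #include <string.h>

    DWORD FetchSID(LPTSTR strText, LPTSTR systemName, LPTSTR *SID, LPTSTR *domainName)
    {
        PSID mySid = NULL;
        LPTSTR tempdomainName = NULL;
        DWORD sidSize = 0, refDomainSize = 0;
        DWORD returnValue = ERROR_SUCCESS;
        SID_NAME_USE snu;

        // This first call is made just to learn the buffer sizes needed
        // for the SID and the domain name; with NULL buffers it fails
        LookupAccountName(systemName, strText, mySid, &sidSize,
                          tempdomainName, &refDomainSize, &snu);

        if (sidSize) {
            mySid = (PSID) malloc(sidSize);
            if (!mySid) { returnValue = ERROR_NOT_ENOUGH_MEMORY; goto exitfunc; }
            memset(mySid, 0, sidSize);
        } else {
            returnValue = ERROR_INVALID_PARAMETER;
            goto exitfunc;
        }

        if (refDomainSize) {
            tempdomainName = (LPTSTR) malloc(refDomainSize * sizeof(TCHAR));
            if (!tempdomainName) { returnValue = ERROR_NOT_ENOUGH_MEMORY; goto exitfunc; }
            memset(tempdomainName, 0, refDomainSize * sizeof(TCHAR));
        }

        // Now get the SID and the domain name
        if (!LookupAccountName(systemName, strText, mySid, &sidSize,
                               tempdomainName, &refDomainSize, &snu)) {
            returnValue = GetLastError();
            goto exitfunc;
        }

        // mySid now holds the binary SID. It is converted to text with
        // GetTextualSid and returned through *SID (not part of this snippet).
        *domainName = tempdomainName;   // ownership passes to the caller
        tempdomainName = NULL;

    exitfunc:
        free(mySid);
        free(tempdomainName);
        return returnValue;
    }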

The core of the code is two functions, GetTextualSid and GetBinarySid, which convert a SID structure to a textual SID and vice versa. The same can be done with the functions Microsoft provides for this, ConvertStringSidToSid and ConvertSidToStringSid. Refer to 'Converting SIDs between strings and binary' by Brian Friesen on Code Project, or to the Microsoft site.
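The conversion those two helpers perform can be followed on raw bytes, which is how a SID appears in a CIFS packet capture. The block below is an added example, not the article's GetTextualSid/GetBinarySid and not Windows API code: it is portable C with hypothetical function names (`sid_to_text`, `text_to_sid`), it assumes the authority is printed in decimal, and its sample bytes are constructed.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define SID_MAX_SUBAUTH 15 /* same limit as SID_MAX_SUB_AUTHORITIES in winnt.h */

/* Constructed sample: the well-known SID S-1-5-32-544 in binary form */
const uint8_t SAMPLE_SID[] = {1, 2, 0,0,0,0,0,5, 32,0,0,0, 32,2,0,0};

/* Binary SID -> text. Returns characters written, or -1 if the blob is
   truncated or malformed or `out` is too small. Authority printed in decimal. */
int sid_to_text(const uint8_t *b, size_t len, char *out, size_t outlen)
{
    if (len < 8 || b[0] != 1 || b[1] > SID_MAX_SUBAUTH) return -1;
    if (len < 8 + 4u * b[1]) return -1;          /* sub-authorities cut off */
    uint64_t auth = 0;
    for (int i = 2; i < 8; i++) auth = (auth << 8) | b[i];  /* big-endian */
    int n = snprintf(out, outlen, "S-1-%llu", (unsigned long long)auth);
    for (unsigned i = 0; i < b[1] && n >= 0 && (size_t)n < outlen; i++) {
        const uint8_t *p = b + 8 + 4 * i;                   /* little-endian */
        uint32_t sa = p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24;
        n += snprintf(out + n, outlen - n, "-%lu", (unsigned long)sa);
    }
    return (n < 0 || (size_t)n >= outlen) ? -1 : n;
}

/* Text SID -> binary. Returns byte length written to `out`, or -1. */
int text_to_sid(const char *s, uint8_t *out, size_t outlen)
{
    char *end; unsigned count = 0;
    uint32_t sa[SID_MAX_SUBAUTH];
    if (strncmp(s, "S-1-", 4) != 0 || !isdigit((unsigned char)s[4])) return -1;
    unsigned long long auth = strtoull(s + 4, &end, 10);
    if (auth >> 48) return -1;                   /* authority is 48 bits */
    while (*end == '-') {
        const char *p = end + 1;
        if (!isdigit((unsigned char)*p) || count == SID_MAX_SUBAUTH) return -1;
        unsigned long long v = strtoull(p, &end, 10);
        if (v > UINT32_MAX) return -1;           /* sub-authority is 32 bits */
        sa[count++] = (uint32_t)v;
    }
    if (*end != '\0' || outlen < 8 + 4 * count) return -1;
    out[0] = 1; out[1] = (uint8_t)count;         /* revision, sub-auth count */
    for (int i = 0; i < 6; i++) out[2 + i] = (uint8_t)(auth >> (8 * (5 - i)));
    for (unsigned i = 0; i < 4 * count; i++)
        out[8 + i] = (uint8_t)(sa[i / 4] >> (8 * (i % 4)));
    return (int)(8 + 4 * count);
}
```

Both functions reject input whose length disagrees with the sub-authority count, which is the check that matters when the bytes come from a capture rather than from the local system.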

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.
