adfunctions.au3 and user SID / GUID

[supersonic 2]

Hi!

Functions in this UDF are discussed many times before...

Here's another post to it...

When querying the SID attribute with _ADGetUserObjAttr()

a binary string will be returned. Same with GUID attribute.

How can I convert this binary SID to a string SID?

Maybe DllStructCreate() and DllStructGetData() could help,

but I'm not very famillar with these functions...

Anyone any idea?

Greets,

-supersonic.

Edited July 9, 2009 by supersonic

[water 1,868]

Hi supersonic,

yes you can. Here is a function that decodes all properties of an ad object. I use it all the time.

Edited July 9, 2009 by water

[supersonic 2]

Thanks for your reply, but please give me a clue...

When I query the AD for a user SID I got the following string:

0x010500000000000515000000820F415AFCBFC959D81994C10C0A0000

How can I convert this string to a readable SID? Same with GUID.

Hi supersonic,

yes you can. Here is a function that decodes all properties of an ad object. I use it all the time.

[water 1,868]

In Security udf (see help file -> User defined functions) there is function _Security__SidToStringSid to do what you need.

[supersonic 2]

I searched the help file before and noticed these functions.

When querying the AD with _ADGetUserObjAttr() i get e. g. this binary string:

0x010500000000000515000000820F415AFCBFC959D81994C10C0A0000

... witch stands for this SID: S-1-5-21-1514213250-1506394108-3247708632-2572

When feeding the Security.au3-functions with these strings from above

I get always empty results. I don't get it...

Can you provide a sample script?

In Security udf (see help file -> User defined functions) there is function _Security__SidToStringSid to do what you need.

Edited July 10, 2009 by supersonic

[water 1,868]

You can retrieve a users SID this way:

#include <security.au3>
$Sid = _Security__LookupAccountName(@UserName)
MsgBox(0,"SID for " & @UserName,$Sid[0])

[supersonic 2]

Sure, this works. I know. But it's a (lame) workaround and doesn't fit really into functions used (possible it will break their structure).

Thank you so far.

Anyone else?

You can retrieve a users SID this way:

#include <security.au3>
$Sid = _Security__LookupAccountName(@UserName)
MsgBox(0,"SID for " & @UserName,$Sid[0])

Edited July 10, 2009 by supersonic

[trancexx 921]

Well, to convert to strings:

#include <WinAPI.au3>

Global $bBinary = "0xAC1250AABFF894563FFFAC10982D33D45634ADCC193465A1"

Global $tBinaryGUID = DllStructCreate("byte[24]")
DllStructSetData($tBinaryGUID, 1, $bBinary)

Global $sGUID = _WinAPI_StringFromGUID(DllStructGetPtr($tBinaryGUID))

ConsoleWrite($sGUID & @CRLF)

#include <security.au3>

Global $bBinary = "0x010500000000000515000000820F415AFCBFC959D81994C10C0A0000"

Global $tBinarySID = DllStructCreate("byte[28]")
DllStructSetData($tBinarySID, 1, $bBinary)


Global $sSID = _Security__SidToStringSid(DllStructGetPtr($tBinarySID))

ConsoleWrite($sSID & @CRLF)

If you get wrong passing returned then something else is not ok.

[supersonic 2]

That's exactly what I was looking for!

Thank you very much!

Well, to convert to strings:

#include <WinAPI.au3>

Global $bBinary = "0xAC1250AABFF894563FFFAC10982D33D45634ADCC193465A1"

Global $tBinaryGUID = DllStructCreate("byte[24]")
DllStructSetData($tBinaryGUID, 1, $bBinary)

Global $sGUID = _WinAPI_StringFromGUID(DllStructGetPtr($tBinaryGUID))

ConsoleWrite($sGUID & @CRLF)

#include <security.au3>

Global $bBinary = "0x010500000000000515000000820F415AFCBFC959D81994C10C0A0000"

Global $tBinarySID = DllStructCreate("byte[28]")
DllStructSetData($tBinarySID, 1, $bBinary)


Global $sSID = _Security__SidToStringSid(DllStructGetPtr($tBinarySID))

ConsoleWrite($sSID & @CRLF)

If you get wrong passing returned then something else is not ok.

[trancexx 921]

That's exactly what I was looking for!

Thank you very much!

Great.

GUID is 128 bits in length. That would be 16 bytes.

Since no one noticed (or care about), let me say that.