Tuesday, January 11, 2011

Blog Post: How to get the sAMAccountName of a foreign security principal (C#)

Hi all,

The following sample shows a couple of ways to get the sAMAccountName of a foreign security principal in your Active Directory. Needless to say, the recommended approach is the one that uses .NET classes over the one that uses Adssecurity.dll:

 

 

using System;
using System.DirectoryServices;
using ADSSECURITYLib;
using System.Security.Principal;

namespace MySample
{
class Program
{
static void Main(string[] args)
{
string sAMAccountName = "";

// Get sAMAccountName with Adssecurity.dll. You will have to add to your project a reference to this COM dll
sAMAccountName = GetSamAccountNameWithADSSECURITYLib("LDAP://CN=S-1-5-21-100066778-12312342-412341235-513,CN=ForeignSecurityPrincipals,DC=domain,DC=com");
Console.WriteLine(sAMAccountName);

// Get sAMAccountName with .NET
sAMAccountName = GetSamAccountNameWithDotNET("LDAP://CN=S-1-5-21-100066778-12312342-412341235-513,CN=ForeignSecurityPrincipals,DC=domain,DC=com");
Console.WriteLine(sAMAccountName);
}

static string GetSamAccountNameWithADSSECURITYLib(string ldapPath)
{
const int ADS_SID_RAW = 0;
const int ADS_SID_SAM = 2;

string sAMAccountName = "";

try
{
DirectoryEntry user = new DirectoryEntry(ldapPath);

// Get the SID
object objectSid = user.InvokeGet("objectSid");

// Resolve the SID into its sAMAcountName.
ADsSIDClass sid = new ADsSIDClass();
sid.SetAs(ADS_SID_RAW, objectSid);
sAMAccountName = sid.GetAs(ADS_SID_SAM).ToString();
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}

return sAMAccountName;
}

static string GetSamAccountNameWithDotNET(string ldapPath)
{
string sAMAccountName = "";

try
{
DirectoryEntry user = new DirectoryEntry(ldapPath);

// Get the SID
object objectSid = user.InvokeGet("objectSid");

// Resolve the SID into its sAMAcountName.
SecurityIdentifier sid = new SecurityIdentifier((byte[])objectSid, 0);
NTAccount account = (NTAccount)sid.Translate(typeof(NTAccount));
sAMAccountName = account.ToString();
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}

return sAMAccountName;
}

}
}

 

 

 

I hope this helps.

Regards,

 

Alex (Alejandro Campos Magencio)

Amerie Rachel Bilson Karen Carreno Bijou Phillips Marika Dominczyk

2 comments:

  1. nice piece of information, I had come to know about your internet site from my friend vinay, delhi,i have read atleast 12 posts of yours by now, and let me tell you, your website gives the best and the most interesting information. This is just the kind of information that i had been looking for, i'm already your rss reader now and i would regularly watch out for the new post, once again hats off to you! Thanx a ton once again, Regards,informatica online training

    ReplyDelete
  2. ldap online training| ldap training| call us+919000444287 ...
    www.21cssindia.com/courses/ldap-online-training-103.html
    LDAP Online Training, LDAP training, LDAP course contents, LDAP , call us: +919000444287,dharani@21cssindia.com.

    ReplyDelete