DaFunkyAlex - 11 days ago 5
C# Question

Search AD only having SID

Is there a way to search the Active Directory using UserPrincipal only having the SID?
I have the SID in byte[] (previously queried with DirectorySearcher) and used a StringBuilder to convert it to "S-1-15-..." and "\01\05..".

I tried to handle it this way:

PrincipalContext pContext = new PrincipalContext(ContextType.Domain);
UserPrincipal pUser = new UserPrincipal(pContext);
pUser.Sid = stringBuilder.ToString();
PrincipalSearcher pSearcher = new PrincipalSearcher();
pSearcher.QueryFilter = pUser;
Console.WriteLine(pSearcher.FindOne().DistinguishedName.ToString());


Visual Studio tells me that the Sid is write protected. Of course...

Thanks in advance & Cheers
Alex

p.s.: I already tried to solve it the way described here: How can I convert from a SID to an account name in C#, but no success here.

Answer

You certainly can. I use the below method to find my users in an internal application called "Atlas". Please excuse the formatting.

using (var context = new PrincipalContext(ContextType.Domain, "DOMAIN_NAME_IMPORTANT"))
{
    // Without an IdentityType argument, FindByIdentity tries each supported identity format.
    var userIdentity = UserPrincipal.FindByIdentity(context, "USER GUID GOES HERE");
}
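
The SID case from the question, written out as an added example (not code from the question or the answer): the `byte[]` SID is converted with `SecurityIdentifier` instead of a hand-built string, then passed to `FindByIdentity` with `IdentityType.Sid`. The class name `SidLookup`, its method names, and the sample SID bytes are constructed for illustration.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Linq;
using System.Security.Principal;

static class SidLookup
{
    // Binary SID -> "S-1-5-21-..." string, parsed by the framework
    // (revision, sub-authority count, big-endian authority, little-endian sub-authorities).
    public static string ToSddl(byte[] sid) => new SecurityIdentifier(sid, 0).Value;

    // Binary SID -> "\01\05\00..." escaped form for an LDAP filter such as (objectSid=...),
    // the form a DirectorySearcher filter needs.
    public static string ToLdapFilterValue(byte[] sid) =>
        string.Concat(sid.Select(b => "\\" + b.ToString("x2")));

    // Needs a reachable domain. The caller owns and disposes the context.
    // Returns null when no user has this SID.
    public static UserPrincipal FindUser(PrincipalContext context, byte[] sid) =>
        UserPrincipal.FindByIdentity(context, IdentityType.Sid, ToSddl(sid));

    static void Main()
    {
        // Constructed sample bytes for the SID S-1-5-21-1-2-3-1104 (not a real account).
        byte[] sample =
        {
            0x01, 0x05,                          // revision 1, five sub-authorities
            0x00, 0x00, 0x00, 0x00, 0x00, 0x05,  // identifier authority 5 (NT Authority)
            0x15, 0x00, 0x00, 0x00,              // 21
            0x01, 0x00, 0x00, 0x00,              // 1
            0x02, 0x00, 0x00, 0x00,              // 2
            0x03, 0x00, 0x00, 0x00,              // 3
            0x50, 0x04, 0x00, 0x00               // 1104 (RID)
        };

        Console.WriteLine(ToSddl(sample));
        Console.WriteLine(ToLdapFilterValue(sample));

        // Domain lookup, commented out so the conversion part runs offline:
        // using (var ctx = new PrincipalContext(ContextType.Domain))
        // {
        //     var user = FindUser(ctx, sample);
        //     Console.WriteLine(user?.DistinguishedName ?? "not found");
        // }
    }
}
```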