DaFunkyAlex DaFunkyAlex - 1 year ago 88
C# Question

Search AD only having SID

is there a way to search the Active Directory using UserPrincipal only having the SID?
I have the SID in byte[] (previously queried with DirectorySearcher) and used a StringBuilder to convert it to "S-1-15-..." and "\01\05..".

I tried to handle it this way:

PrincipalContext pContext = new PrincipalContext(ContextType.Domain);
UserPrincipal pUser = new UserPrincipal(pContext);
pUser.Sid = stringBuilder.ToString();
PrincipalSearcher pSearcher = new PrincipalSearcher();
pSearcher.QueryFilter = pUser;

Visual Studio tells me, that the Sid is write protected. Of course...

Thanks in advance & Cheers

p.s.: I already tried to solve it the way described here: How can I convert from a SID to an account name in C#, but no success here.

Answer Source

You certainly can. I use the below method to find my users in an internal application called "Atlas". Please excuse the formatting.

using (var context = new PrincipalContext(ContextType.Domain, "DOMAIN_NAME_IMPORTANT"))
    var userIdentity = UserPrincipal.FindByIdentity(context, "USER GUID GOES HERE"));
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download