Solved

read SID of current user

Posted on 1997-09-30
8
1,294 Views
Last Modified: 2006-11-17
How can I read the SID of the current login user
under Win NT Workstation 4.0?
The Delphi 3.0 program which must do this, must run under the security context of the current login user.

Maybe this is not possible, but if will consider the question answered if someone gives a working example,
and otherwise delete it.
0
Comment
Question by:mosi
  • 4
  • 3
8 Comments
 
LVL 3

Expert Comment

by:mirek071497
ID: 1346649
I must try but i think so you can get it from ACE, I don't know how to obtain ACE but there was same enumerate functions for this.
0
 
LVL 5

Accepted Solution

by:
JimBob091197 earned 400 total points
ID: 1346650
To get the SID use LookupAccountName.

E.g.
procedure TForm1.btnGoClick(Sender: TObject);
var
  cSid, cRefDomainName, peUse: Integer;
  pSID, RefDomain: array[1..255] of Byte;
begin
  cSid := SizeOf(pSid);
  cRefDomainName := SizeOf(RefDomain);
  FillChar(pSID, SizeOf(pSID), 0);
  FillChar(RefDomain, SizeOf(RefDomain), 0);
  LookupAccountName('', 'Administrator', @pSID, cSid, @RefDomain, cRefDomainName, peUse);
end;

pSID will be filled with the SID information.  (For more info on the SID structure search for SID in Windows.pas.)

Instead of fixing the Account Name (in my e.g. Administrator) you could use the GetUserName API call.
E.g.
function UserName: string;
var
  UserBufSize: Integer;
  UserNameBuf: array[0..79] of Byte;
begin
  UserBufSize := 80;
  GetUserName(@UserNameBuf, UserBufSize);
  Result := string(PChar(@UserNameBuf));
end;

Hope this helps you.
JB
0
 
LVL 1

Author Comment

by:mosi
ID: 1346651
JB your reaction contains part of the answer,
but it is not useful to me yet. The return values for the SID are
in a array of byte [256]. I can't make head or tails of it.
I would like to get the (exact) string as is displayed in the registry, by dumpacl.exe, regback.exe, and so on.  

Could you expand on this, otherwise I afraid I must reject your answer.

Thanks,
 Mosi

0
 
LVL 5

Expert Comment

by:JimBob091197
ID: 1346652
Your original question merely asked how to get the SID for the current user under NT WorkStation 4.  I assumed you would know what to do with it once you had a pointer to it...  (You can find its structure in Windows.pas; search for SID.)

What exact string do you want from the registry?  (Give me an example...)  I don't have dumpacl.exe on my system...

JB
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 1

Author Comment

by:mosi
ID: 1346653
By SID I ment the obvious the string used in Windows NT
at e.g. the command prompt, e.g. for regback. All programs
displays the SID in this format.

This format looks like this:
S-1-5-21-146995870-255084667-125644688-501

This is the SID. Maybe some intermediate internal structure in Delphi or the WinApi is different. I need the SID as commonly known in Windows NT.    

0
 
LVL 5

Expert Comment

by:JimBob091197
ID: 1346654
Ah, so you want the textual representation of a SID...  (No, this is NOT a SID, but below I will show you how to use a SID to get to this text representation thereof.)

The format of a SID is as follows:
S-<Revision Level>-<Identifier Authority>-<Subauthority Value>-<More Subauthority values...>

In your example, S-1-5-21-146995870-255084667-125644688-501:
Your revision level is 1;
Your ID Authority is 5 (All Windows NT authorities are 5.)
You then have 5 sub-authorities, starting with 21.

The API calls to get these values are "GetSidIdentifierAuthority", "GetSidSubAuthorityCount", "GetSidSubAuthority", etc...

Here is an example:
function UserName: string;
var
    UserBufSize: Integer;
    UserNameBuf: array[0..79] of Byte;
begin
    UserBufSize := 80;
    GetUserName(@UserNameBuf, UserBufSize);
    Result := string(PChar(@UserNameBuf));
end;

function SidToStr: string;
var
    i, cSid, cRefDomainName, peUse, NumSubAuthority: Integer;
    SidAuthority: Double;
    CurrentUserName: string;
    pSID, RefDomain: array[1..255] of Byte;
    SidIDAuthority: TSIDIdentifierAuthority;
    sSid: string;
begin
    cSid := SizeOf(pSid);
    cRefDomainName := SizeOf(RefDomain);
    FillChar(pSID, SizeOf(pSID), 0);
    FillChar(RefDomain, SizeOf(RefDomain), 0);
    CurrentUserName := UserName;
    LookupAccountName(nil, PChar(CurrentUserName), @pSID, cSid, @RefDomain, cRefDomainName, peUse);

    // Initial SID string.
    // I'm not sure how to get revision level, but
    // all appear to be 1.  ???
    sSid := 'S-1-';

    // Get the SID authority.
    SidIDAuthority := GetSidIdentifierAuthority(@pSid)^;
    SidAuthority := 0;
    for i := 0 to 5 do
        SidAuthority := SidAuthority + (SidIDAuthority.Value[i] shl (8 * (5 - i)));
    sSid := sSid + FloatToStr(SidAuthority) + '-';

    // Get the SID sub-authoritiy(s).
    NumSubAuthority := Integer(GetSidSubAuthorityCount(@pSid)^);
    for i := 0 to NumSubAuthority - 1 do
        sSid := sSid + IntToStr(GetSidSubAuthority(@pSid, i)^) + '-';

    // Remove the last "-" from the SID, and return it.
    sSid := Copy(sSid, 1, Length(sSid) - 1);
    Result := sSid;
end;


I hope this is what you were wanting!!   :-)
JB
0
 
LVL 1

Author Comment

by:mosi
ID: 1346655
Thanx JB, I will evaluate your answer soon.
0
 
LVL 1

Author Comment

by:mosi
ID: 1346656
I works just fine. Thanks. Sorry for the delay in evaluation.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction The parallel port is a very commonly known port, it was widely used to connect a printer to the PC, if you look at the back of your computer, for those who don't have newer computers, there will be a port with 25 pins and a small print…
Hello everybody This Article will show you how to validate number with TEdit control, What's the TEdit control? TEdit is a standard Windows edit control on a form, it allows to user to write, read and copy/paste single line of text. Usua…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now