Solved

read SID of current user

Posted on 1997-09-30
8
1,285 Views
Last Modified: 2006-11-17
How can I read the SID of the current login user
under Win NT Workstation 4.0?
The Delphi 3.0 program which must do this, must run under the security context of the current login user.

Maybe this is not possible, but if will consider the question answered if someone gives a working example,
and otherwise delete it.
0
Comment
Question by:mosi
  • 4
  • 3
8 Comments
 
LVL 3

Expert Comment

by:mirek071497
ID: 1346649
I must try but i think so you can get it from ACE, I don't know how to obtain ACE but there was same enumerate functions for this.
0
 
LVL 5

Accepted Solution

by:
JimBob091197 earned 400 total points
ID: 1346650
To get the SID use LookupAccountName.

E.g.
procedure TForm1.btnGoClick(Sender: TObject);
var
  cSid, cRefDomainName, peUse: Integer;
  pSID, RefDomain: array[1..255] of Byte;
begin
  cSid := SizeOf(pSid);
  cRefDomainName := SizeOf(RefDomain);
  FillChar(pSID, SizeOf(pSID), 0);
  FillChar(RefDomain, SizeOf(RefDomain), 0);
  LookupAccountName('', 'Administrator', @pSID, cSid, @RefDomain, cRefDomainName, peUse);
end;

pSID will be filled with the SID information.  (For more info on the SID structure search for SID in Windows.pas.)

Instead of fixing the Account Name (in my e.g. Administrator) you could use the GetUserName API call.
E.g.
function UserName: string;
var
  UserBufSize: Integer;
  UserNameBuf: array[0..79] of Byte;
begin
  UserBufSize := 80;
  GetUserName(@UserNameBuf, UserBufSize);
  Result := string(PChar(@UserNameBuf));
end;

Hope this helps you.
JB
0
 
LVL 1

Author Comment

by:mosi
ID: 1346651
JB your reaction contains part of the answer,
but it is not useful to me yet. The return values for the SID are
in a array of byte [256]. I can't make head or tails of it.
I would like to get the (exact) string as is displayed in the registry, by dumpacl.exe, regback.exe, and so on.  

Could you expand on this, otherwise I afraid I must reject your answer.

Thanks,
 Mosi

0
 
LVL 5

Expert Comment

by:JimBob091197
ID: 1346652
Your original question merely asked how to get the SID for the current user under NT WorkStation 4.  I assumed you would know what to do with it once you had a pointer to it...  (You can find its structure in Windows.pas; search for SID.)

What exact string do you want from the registry?  (Give me an example...)  I don't have dumpacl.exe on my system...

JB
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 1

Author Comment

by:mosi
ID: 1346653
By SID I ment the obvious the string used in Windows NT
at e.g. the command prompt, e.g. for regback. All programs
displays the SID in this format.

This format looks like this:
S-1-5-21-146995870-255084667-125644688-501

This is the SID. Maybe some intermediate internal structure in Delphi or the WinApi is different. I need the SID as commonly known in Windows NT.    

0
 
LVL 5

Expert Comment

by:JimBob091197
ID: 1346654
Ah, so you want the textual representation of a SID...  (No, this is NOT a SID, but below I will show you how to use a SID to get to this text representation thereof.)

The format of a SID is as follows:
S-<Revision Level>-<Identifier Authority>-<Subauthority Value>-<More Subauthority values...>

In your example, S-1-5-21-146995870-255084667-125644688-501:
Your revision level is 1;
Your ID Authority is 5 (All Windows NT authorities are 5.)
You then have 5 sub-authorities, starting with 21.

The API calls to get these values are "GetSidIdentifierAuthority", "GetSidSubAuthorityCount", "GetSidSubAuthority", etc...

Here is an example:
function UserName: string;
var
    UserBufSize: Integer;
    UserNameBuf: array[0..79] of Byte;
begin
    UserBufSize := 80;
    GetUserName(@UserNameBuf, UserBufSize);
    Result := string(PChar(@UserNameBuf));
end;

function SidToStr: string;
var
    i, cSid, cRefDomainName, peUse, NumSubAuthority: Integer;
    SidAuthority: Double;
    CurrentUserName: string;
    pSID, RefDomain: array[1..255] of Byte;
    SidIDAuthority: TSIDIdentifierAuthority;
    sSid: string;
begin
    cSid := SizeOf(pSid);
    cRefDomainName := SizeOf(RefDomain);
    FillChar(pSID, SizeOf(pSID), 0);
    FillChar(RefDomain, SizeOf(RefDomain), 0);
    CurrentUserName := UserName;
    LookupAccountName(nil, PChar(CurrentUserName), @pSID, cSid, @RefDomain, cRefDomainName, peUse);

    // Initial SID string.
    // I'm not sure how to get revision level, but
    // all appear to be 1.  ???
    sSid := 'S-1-';

    // Get the SID authority.
    SidIDAuthority := GetSidIdentifierAuthority(@pSid)^;
    SidAuthority := 0;
    for i := 0 to 5 do
        SidAuthority := SidAuthority + (SidIDAuthority.Value[i] shl (8 * (5 - i)));
    sSid := sSid + FloatToStr(SidAuthority) + '-';

    // Get the SID sub-authoritiy(s).
    NumSubAuthority := Integer(GetSidSubAuthorityCount(@pSid)^);
    for i := 0 to NumSubAuthority - 1 do
        sSid := sSid + IntToStr(GetSidSubAuthority(@pSid, i)^) + '-';

    // Remove the last "-" from the SID, and return it.
    sSid := Copy(sSid, 1, Length(sSid) - 1);
    Result := sSid;
end;


I hope this is what you were wanting!!   :-)
JB
0
 
LVL 1

Author Comment

by:mosi
ID: 1346655
Thanx JB, I will evaluate your answer soon.
0
 
LVL 1

Author Comment

by:mosi
ID: 1346656
I works just fine. Thanks. Sorry for the delay in evaluation.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

A lot of questions regard threads in Delphi.   One of the more specific questions is how to show progress of the thread.   Updating a progressbar from inside a thread is a mistake. A solution to this would be to send a synchronized message to the…
The uses clause is one of those things that just tends to grow and grow. Most of the time this is in the main form, as it's from this form that all others are called. If you have a big application (including many forms), the uses clause in the in…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now