Solved

SID to group name - Active Directory

Posted on 2004-10-04
10
1,329 Views
Last Modified: 2007-12-19
I have a SID in the format of S-1-2.... and I need to query an Active Directory to get the group name that corresponds to the respective SID utilizing Visual Basic 6.0.  Any help that anyone can provide will be greatly appreciated.
0
Comment
Question by:mknoke
  • 6
  • 3
10 Comments
 
LVL 76

Expert Comment

by:David Lee
ID: 12222971
A group's SID is stored in the Group object as a property called objectSID.  The first two links are to pages that document the property.  The third link is to a page with a VBScript example that includes code for converting the objectSID property from its native form into the string we are used to seeing.  The VBScript code is easily converted into pure VB.  You can use then use that code in a loop that itterates through the groups in your AD structure looking for a match.  You don't indicate in your question whether you just need code to compare the SIDs or whether you also need code to loop through the groups.  If you need the latter, then I can help with that too.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sds/sds/octet_string__sid__property_type.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ad/ad/group_objects.asp
http://www.rlmueller.net/Programs/IsMember8.txt
0
 

Author Comment

by:mknoke
ID: 12226721
What I am looking for is to pass VB Code a SID, which will correlate to a group name.  I want that code to return the actual group name that we are used to seeing.  I do not need to determine the users in that group, I just need the group name.  Do you have some code that can do that for me?

Thanks!
0
 
LVL 76

Expert Comment

by:David Lee
ID: 12228798
Ok, let me see if I can put something together that does that.
0
 
LVL 76

Expert Comment

by:David Lee
ID: 12233772
I believe I figured out how to do it.  I'll post code tomorrow.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 76

Expert Comment

by:David Lee
ID: 12237450
Here's the code.  It really needs to go into a separate module (.bas file).  Do not insert an Option Base 1 command in the file.  Not only would you have to fix all of my array references from 0 based to 1 based, but I discovered during testing that the code just would not work with 1 based arrays.  I tested this code in my domain, searching for several different SIDs.  It correctly found them.  Be sure and include a reference to "Active DS Type Library" in your project.

Usage:  x = GetGroupNameFromSID("Domain","SID")
    Where: Domain is the name of the domain you want to search for the group in
                SID is the SID of the group that you want to search for
    Returns: The name of the group with the searched for SID

Dim arrSID(8) As Long

Public Function GetGroupNameFromSID(ByVal strDomain As String, ByVal strSID As String) As String
    Dim objDomain As IADsDomain, _
        objGroup As IADsGroup, _
        strTemp As String, _
        strMySID As String, _
        intStart As Integer, _
        intCounter As Integer, _
        strRetVal As String
    strRetVal = "Not Found"
    Set objDomain = GetObject("WinNT://" & strDomain)
    objDomain.Filter = Array("Group")
    For Each objGroup In objDomain
        objGroup.GetInfo
        strTemp = OctetToHexStr(objGroup.objectsid)
        arrSID(0) = Mid(strTemp, 1, 2)
        arrSID(1) = CLng(Mid(strTemp, 3, 2)) + 2        'The number of segments in this SID.
        arrSID(2) = BigEndian(Mid(strTemp, 5, 12))
        strMySID = "S-" & arrSID(0) & "-" & arrSID(2)
        intStart = 17
        For intCounter = 3 To arrSID(1)
            arrSID(intCounter) = LittleEndian(Mid(strTemp, intStart, 8))
            strMySID = strMySID & "-" & arrSID(intCounter)
            intStart = intStart + 8
        Next
        If strMySID = strSID Then
            strRetVal = objGroup.Name
            Exit For
        End If
    Next
    Set objGroup = Nothing
    Set objDomain = Nothing
    GetGroupNameFromSID = strRetVal
End Function

Private Function OctetToHexStr(arrbytOctet)
' This function from: http://www.rlmueller.net/Programs/IsMember8.txt
' I've modified it from its original version.
' Function to convert OctetString (byte array) to Hex string
    Dim k
    OctetToHexStr = ""
    For k = 1 To LenB(arrbytOctet)
        OctetToHexStr = OctetToHexStr & _
        Right("0" & Hex(AscB(MidB(arrbytOctet, k, 1))), 2)
    Next
End Function

Private Function BigEndian(strValue As String) As Long
' Function to convert a hex string stored in Big-Endian format
    Dim strBuffer As String
    strBuffer = "&" & strValue
    BigEndian = CLng(strBuffer)
End Function

Private Function LittleEndian(strValue As String) As Long
' Function to convert a hex string stored in Little-Endian format
    Dim strBuffer As String
    strBuffer = "&H" & Mid(strValue, 7, 2) & _
        Mid(strValue, 5, 2) & _
        Mid(strValue, 3, 2) & _
        Mid(strValue, 1, 2)
    LittleEndian = strBuffer
End Function
0
 

Author Comment

by:mknoke
ID: 12279824
Thanks for the quick response.  Is there any way that it can search only in a particular OU in the AD?  Or does this code only offer searching by the high level domain.  Thank you for all of your help.
0
 
LVL 76

Expert Comment

by:David Lee
ID: 12280615
The code above searches the entire domain.  I suspect I can modify it to search a single OU though.  Is that what you need?
0
 

Author Comment

by:mknoke
ID: 12288888
Yes, that is what I need.  Thanks again.
0
 
LVL 76

Accepted Solution

by:
David Lee earned 500 total points
ID: 12294152
Ok, replace the GetGroupNameFromSID function with the one below.  This version uses the LDAP provider to get the OU instead of the WinNT provider I used before to grab the domain.  You'll need to edit this line of code

    Set objOU = GetObject("LDAP://MyServer.Company.Com/" & strPathToOU & ",dc=company,dc=com")

and replace MyServer.Company.Com with the path to your AD server and dc=company,dc=com with your AD information.  The call to the revised function requires you to pass the path to the OU you want to look for the group in.  If you use nested OUs, then that'll need to be in the form of OU=Level2OU,OU=Level1OU or however many levels you have in reverse order (deepest to shallowest).  As before I tested this in my AD environment and it worked like it should.


Public Function GetGroupNameFromSID(ByVal strPathToOU As String, ByVal strSID As String) As String
    Dim objGroup As IADsGroup, _
        objOU As IADsOU, _
        strTemp As String, _
        strMySID As String, _
        intStart As Integer, _
        intCounter As Integer, _
        strRetVal As String
    strRetVal = "Not Found"
    Set objOU = GetObject("LDAP://MyServer.Company.Com/" & strPathToOU & ",dc=company,dc=com")
    objOU.Filter = Array("Group")
    For Each objGroup In objOU
        objGroup.GetInfo
        strTemp = OctetToHexStr(objGroup.objectsid)
        arrSID(0) = Mid(strTemp, 1, 2)
        arrSID(1) = CLng(Mid(strTemp, 3, 2)) + 2        'The number of segments in this SID.
        arrSID(2) = BigEndian(Mid(strTemp, 5, 12))
        strMySID = "S-" & arrSID(0) & "-" & arrSID(2)
        intStart = 17
        For intCounter = 3 To arrSID(1)
            arrSID(intCounter) = LittleEndian(Mid(strTemp, intStart, 8))
            strMySID = strMySID & "-" & arrSID(intCounter)
            intStart = intStart + 8
        Next
        If strMySID = strSID Then
            strRetVal = Mid(objGroup.Name, 4)
            Exit For
        End If
    Next
    Set objGroup = Nothing
    Set objOU = Nothing
    GetGroupNameFromSID = strRetVal
End Function
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was working on a PowerPoint add-in the other day and a client asked me "can you implement a feature which processes a chart when it's pasted into a slide from another deck?". It got me wondering how to hook into built-in ribbon events in Office.
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
Get people started with the utilization of class modules. Class modules can be a powerful tool in Microsoft Access. They allow you to create self-contained objects that encapsulate functionality. They can easily hide the complexity of a process from…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now