Solved

SID to group name - Active Directory

Posted on 2004-10-04
10
1,328 Views
Last Modified: 2007-12-19
I have a SID in the format of S-1-2.... and I need to query an Active Directory to get the group name that corresponds to the respective SID utilizing Visual Basic 6.0.  Any help that anyone can provide will be greatly appreciated.
0
Comment
Question by:mknoke
  • 6
  • 3
10 Comments
 
LVL 76

Expert Comment

by:David Lee
ID: 12222971
A group's SID is stored in the Group object as a property called objectSID.  The first two links are to pages that document the property.  The third link is to a page with a VBScript example that includes code for converting the objectSID property from its native form into the string we are used to seeing.  The VBScript code is easily converted into pure VB.  You can use then use that code in a loop that itterates through the groups in your AD structure looking for a match.  You don't indicate in your question whether you just need code to compare the SIDs or whether you also need code to loop through the groups.  If you need the latter, then I can help with that too.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sds/sds/octet_string__sid__property_type.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ad/ad/group_objects.asp
http://www.rlmueller.net/Programs/IsMember8.txt
0
 

Author Comment

by:mknoke
ID: 12226721
What I am looking for is to pass VB Code a SID, which will correlate to a group name.  I want that code to return the actual group name that we are used to seeing.  I do not need to determine the users in that group, I just need the group name.  Do you have some code that can do that for me?

Thanks!
0
 
LVL 76

Expert Comment

by:David Lee
ID: 12228798
Ok, let me see if I can put something together that does that.
0
 
LVL 76

Expert Comment

by:David Lee
ID: 12233772
I believe I figured out how to do it.  I'll post code tomorrow.
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 76

Expert Comment

by:David Lee
ID: 12237450
Here's the code.  It really needs to go into a separate module (.bas file).  Do not insert an Option Base 1 command in the file.  Not only would you have to fix all of my array references from 0 based to 1 based, but I discovered during testing that the code just would not work with 1 based arrays.  I tested this code in my domain, searching for several different SIDs.  It correctly found them.  Be sure and include a reference to "Active DS Type Library" in your project.

Usage:  x = GetGroupNameFromSID("Domain","SID")
    Where: Domain is the name of the domain you want to search for the group in
                SID is the SID of the group that you want to search for
    Returns: The name of the group with the searched for SID

Dim arrSID(8) As Long

Public Function GetGroupNameFromSID(ByVal strDomain As String, ByVal strSID As String) As String
    Dim objDomain As IADsDomain, _
        objGroup As IADsGroup, _
        strTemp As String, _
        strMySID As String, _
        intStart As Integer, _
        intCounter As Integer, _
        strRetVal As String
    strRetVal = "Not Found"
    Set objDomain = GetObject("WinNT://" & strDomain)
    objDomain.Filter = Array("Group")
    For Each objGroup In objDomain
        objGroup.GetInfo
        strTemp = OctetToHexStr(objGroup.objectsid)
        arrSID(0) = Mid(strTemp, 1, 2)
        arrSID(1) = CLng(Mid(strTemp, 3, 2)) + 2        'The number of segments in this SID.
        arrSID(2) = BigEndian(Mid(strTemp, 5, 12))
        strMySID = "S-" & arrSID(0) & "-" & arrSID(2)
        intStart = 17
        For intCounter = 3 To arrSID(1)
            arrSID(intCounter) = LittleEndian(Mid(strTemp, intStart, 8))
            strMySID = strMySID & "-" & arrSID(intCounter)
            intStart = intStart + 8
        Next
        If strMySID = strSID Then
            strRetVal = objGroup.Name
            Exit For
        End If
    Next
    Set objGroup = Nothing
    Set objDomain = Nothing
    GetGroupNameFromSID = strRetVal
End Function

Private Function OctetToHexStr(arrbytOctet)
' This function from: http://www.rlmueller.net/Programs/IsMember8.txt
' I've modified it from its original version.
' Function to convert OctetString (byte array) to Hex string
    Dim k
    OctetToHexStr = ""
    For k = 1 To LenB(arrbytOctet)
        OctetToHexStr = OctetToHexStr & _
        Right("0" & Hex(AscB(MidB(arrbytOctet, k, 1))), 2)
    Next
End Function

Private Function BigEndian(strValue As String) As Long
' Function to convert a hex string stored in Big-Endian format
    Dim strBuffer As String
    strBuffer = "&" & strValue
    BigEndian = CLng(strBuffer)
End Function

Private Function LittleEndian(strValue As String) As Long
' Function to convert a hex string stored in Little-Endian format
    Dim strBuffer As String
    strBuffer = "&H" & Mid(strValue, 7, 2) & _
        Mid(strValue, 5, 2) & _
        Mid(strValue, 3, 2) & _
        Mid(strValue, 1, 2)
    LittleEndian = strBuffer
End Function
0
 

Author Comment

by:mknoke
ID: 12279824
Thanks for the quick response.  Is there any way that it can search only in a particular OU in the AD?  Or does this code only offer searching by the high level domain.  Thank you for all of your help.
0
 
LVL 76

Expert Comment

by:David Lee
ID: 12280615
The code above searches the entire domain.  I suspect I can modify it to search a single OU though.  Is that what you need?
0
 

Author Comment

by:mknoke
ID: 12288888
Yes, that is what I need.  Thanks again.
0
 
LVL 76

Accepted Solution

by:
David Lee earned 500 total points
ID: 12294152
Ok, replace the GetGroupNameFromSID function with the one below.  This version uses the LDAP provider to get the OU instead of the WinNT provider I used before to grab the domain.  You'll need to edit this line of code

    Set objOU = GetObject("LDAP://MyServer.Company.Com/" & strPathToOU & ",dc=company,dc=com")

and replace MyServer.Company.Com with the path to your AD server and dc=company,dc=com with your AD information.  The call to the revised function requires you to pass the path to the OU you want to look for the group in.  If you use nested OUs, then that'll need to be in the form of OU=Level2OU,OU=Level1OU or however many levels you have in reverse order (deepest to shallowest).  As before I tested this in my AD environment and it worked like it should.


Public Function GetGroupNameFromSID(ByVal strPathToOU As String, ByVal strSID As String) As String
    Dim objGroup As IADsGroup, _
        objOU As IADsOU, _
        strTemp As String, _
        strMySID As String, _
        intStart As Integer, _
        intCounter As Integer, _
        strRetVal As String
    strRetVal = "Not Found"
    Set objOU = GetObject("LDAP://MyServer.Company.Com/" & strPathToOU & ",dc=company,dc=com")
    objOU.Filter = Array("Group")
    For Each objGroup In objOU
        objGroup.GetInfo
        strTemp = OctetToHexStr(objGroup.objectsid)
        arrSID(0) = Mid(strTemp, 1, 2)
        arrSID(1) = CLng(Mid(strTemp, 3, 2)) + 2        'The number of segments in this SID.
        arrSID(2) = BigEndian(Mid(strTemp, 5, 12))
        strMySID = "S-" & arrSID(0) & "-" & arrSID(2)
        intStart = 17
        For intCounter = 3 To arrSID(1)
            arrSID(intCounter) = LittleEndian(Mid(strTemp, intStart, 8))
            strMySID = strMySID & "-" & arrSID(intCounter)
            intStart = intStart + 8
        Next
        If strMySID = strSID Then
            strRetVal = Mid(objGroup.Name, 4)
            Exit For
        End If
    Next
    Set objGroup = Nothing
    Set objOU = Nothing
    GetGroupNameFromSID = strRetVal
End Function
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Have you ever wanted to restrict the users input in a textbox to numbers, and while doing that make sure that they can't 'cheat' by pasting in non-numeric text? Of course you can do that with code you write yourself but it's tedious and error-prone …
Enums (shorthand for ‘enumerations’) are not often used by programmers but they can be quite valuable when they are.  What are they? An Enum is just a type of variable like a string or an Integer, but in this case one that you create that contains…
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
Get people started with the utilization of class modules. Class modules can be a powerful tool in Microsoft Access. They allow you to create self-contained objects that encapsulate functionality. They can easily hide the complexity of a process from…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now