天道酬勤,学无止境

sid

Python ldap3 code to get username from SID

I have a SID string (e.g., "S-1-5-21-500000003-1000000000-1000000003-1001") of a user on a shared Windows server, and I need to get the related username. I suppose that this may be achieved by: Turning the SID string into byte array. Using a suitable ldpa query to get the related username. But I failed to find exact and reliable instructions of how to do it (this way or another). I'll appreciate any useful guide, especially if it comes with demo Python (ldap3) code.

2021-11-25 22:01:06    分类:问答    python   active-directory   ldap   sid

Win32 API: Creating file public for current user but private for everyone else

I am testing the following code in C using Win32 API, which is intended to create a new file that is accessible for the current user but private (not accessible) for everyone else. For this this a deny all permissions for everyone SID, then for current's user SID I set up the permissions. The file is created successfully and the permissions are apparently set up successfully (see screenshots below), however when I try to open the file with notepad, it says "access is denied" (My file explorer is running under the same session), also if I open a command prompt and do "type file_created.txt" the

2021-11-20 19:18:10    分类:问答    c++   winapi   visual-c++   sid   dacl

使用命令行复制/粘贴用户 SID?(User SID copy/paste using command line?)

问题 是否可以仅使用命令行(Windows 7)从注册表(或其他)复制用户 SID 并粘贴到 txt 文件中? 回答1 通过 WMIC wmic useraccount where name='%username%' get sid | findstr /b /C:"S-1" > file.txt 通过 WHOAMI(如果在批处理文件中使用,则重复百分号) for /F "tokens=2 delims=," %f in ('whoami /user /FO CSV /NH') do echo %~f > file.txt

2021-11-09 22:29:41    分类:技术分享    command-line   cmd   sid

User SID copy/paste using command line?

Can user SID be copied from registry (or whatever) and pasted to a txt file using command line only (Windows 7)?

2021-11-08 00:31:31    分类:问答    command-line   cmd   sid

如何修复 TFS 2013 中不匹配的用户 SID?(How do I fix a mismatched user SID in TFS 2013?)

问题 TFSConfig Identities 列出了所有 TFS 帐户以及除一个匹配的 Windows 之外的所有帐户。 如何修复匹配为 False 的单独用户帐户? 虽然这可能无关紧要,但我将其添加到帖子中,以防它提供任何其他线索。 我尝试重新申请应用层控制台用户列表中的用户,但失败了。 该日志指出该帐户也是一个孤立的 SQL Server 登录名。 不过,如果 SID 不匹配,我认为这是有道理的。 回答1 由于您已重新申请 Application Tire Console Users 列表中的用户。 您对本地或 Active Directory 组所做的更改不会立即反映在 TFS 中。 这可能是身份同步问题。 您必须等待下一次与 Windows 的身份同步,才能更新您进行某些帐户更改的帐户属性。 此要求包括从组到用户、用户到组以及域帐户到本地帐户的更改。 您也可以强制 TFS 同步,详细信息请参阅此博客。 在此之后再次运行 TFSConfig Identities。

2021-10-16 16:22:08    分类:技术分享    tfs   sid

为新创建的用户编辑注册表值(Editing registry value for newly created user)

问题 我有一个 .NET 应用程序,它创建一个新的本地用户,如下所示: var principalContext = new PrincipalContext(ContextType.Machine); var userPrincipal = new UserPrincipal(principalContext); userPrincipal.Name = StandardUserName.Text; userPrincipal.Description = "New local user"; userPrincipal.UserCannotChangePassword = true; userPrincipal.PasswordNeverExpires = true; userPrincipal.Save(); // Add user to the users group var usersGroupPrincipal = GroupPrincipal.FindByIdentity(principalContext, UserGroupName.Text); usersGroupPrincipal.Members.Add(userPrincipal); usersGroupPrincipal.Save(); 接下来,我想为该用户设置一些注册表值。 为此,我需要用户的 SID:

2021-09-29 23:52:08    分类:技术分享    c#   .net   registry   sid   userprincipal

How do I fix a mismatched user SID in TFS 2013?

TFSConfig Identities listed all TFS accounts and all but one matched Windows. How do I fix the lone user account where the Match is False? While this may not be relevant, I add it to the post in case it provides any additional clues. I tried to reapply the user in the Application Tier Console Users list and it failed. The log stated the account is also an orphaned SQL Server Login. I assume that makes sense if the SID is mismatched, though.

2021-09-28 05:23:28    分类:问答    tfs   sid

Editing registry value for newly created user

I have a .NET application that creates a new local user like so: var principalContext = new PrincipalContext(ContextType.Machine); var userPrincipal = new UserPrincipal(principalContext); userPrincipal.Name = StandardUserName.Text; userPrincipal.Description = "New local user"; userPrincipal.UserCannotChangePassword = true; userPrincipal.PasswordNeverExpires = true; userPrincipal.Save(); // Add user to the users group var usersGroupPrincipal = GroupPrincipal.FindByIdentity(principalContext, UserGroupName.Text); usersGroupPrincipal.Members.Add(userPrincipal); usersGroupPrincipal.Save(); Next, I

2021-09-04 06:51:28    分类:问答    c#   .net   registry   sid   userprincipal

将 SID 字符串格式转换为字节数组(Convert SID string format to bytes array)

问题 我想将 SID 字符串格式转换为字节数组表示形式,然后将其提供给 C# 中LookupAccountSid()方法的第二个参数。 但我没有找到任何可以做到这一点的内置函数。 例如: SID = S-1-5-32-544 可以转换为: (SID: 1,2,0,0,0,0,0,5,32,0,0,0,32,2,0,0) 我在一些帖子里看到过。 但是怎么样? 有没有简单的方法来实现这一目标? 基本上我想要NT Authority\NetworkService的字节数组表示,即SID = S-1-5-20 。 在此先感谢您的帮助。 回答1 您应该使用System.Security.Principal命名空间中的 SecurityIdentifier 对象: var sid = new SecurityIdentifier("S-1-5-32-544"); byte[] bytes = new byte[sid.BinaryLength]; sid.GetBinaryForm(bytes, 0); 如果您希望将其作为文本,则可以: string strsid = string.Format("(SID: {0})", string.Join(",", bytes )); 它产生的正是: (SID: 1,2,0,0,0,0,0,5,32,0,0,0,32,2,0,0) 此外,如果您想要NT

2021-09-01 01:52:57    分类:技术分享    c#   .net   sid

Convert SID string format to bytes array

I want to convert SID string format to bytes array representation which in turn will be supplied to LookupAccountSid() method's second argument in C#. But I don't find any particular in built function which can do this. For example: SID = S-1-5-32-544 can be converted into: (SID: 1,2,0,0,0,0,0,5,32,0,0,0,32,2,0,0) I saw it in some posts. but how? Is there a easy way to achieve this? Basically I want the byte array representation of the NT Authority\NetworkService which is SID = S-1-5-20. Thanks in advance for your help.

2021-07-30 09:18:12    分类:问答    c#   .net   sid