Dealing with renamed/localized user/group names with managed code


If you are a regular reader of Michael Kaplan (I know I am), you might have run across his What’s in a name? (once more) post. He comments on the use of localized account names and points to the KB 157234, How to deal with localized and renamed user and group names.


For those of you running on managed code, be happy – the code to get well-known accounts is much simpler. A little bit of SecurityIdentifer, a dash of WellKnownSidType, and you should be ready to go.


// Build with: %windir%\Microsoft.Net\Framework\v2.0.50727\csc.exe foo.cs
using System;
using System.Security.Principal;


class DoIt
{
  public static void Main(string[] args)
  {
    WellKnownSidType[] knownSids = new WellKnownSidType[] {
      WellKnownSidType.LocalServiceSid,
      WellKnownSidType.NetworkServiceSid,
      WellKnownSidType.LocalSystemSid,
      WellKnownSidType.BuiltinAdministratorsSid,
    };
    foreach(WellKnownSidType knownSid in knownSids)
    {
      SecurityIdentifier identifier = new SecurityIdentifier(knownSid, null);
      NTAccount account = (NTAccount)identifier.Translate(typeof(NTAccount));
      Console.WriteLine(knownSid.ToString() + ” (” + identifier.Value + “): ” + account.Value);
    }
  }
}


C:\>foo.exe
LocalServiceSid (S-1-5-19): NT AUTHORITY\LOCAL SERVICE
NetworkServiceSid (S-1-5-20): NT AUTHORITY\NETWORK SERVICE
LocalSystemSid (S-1-5-18): NT AUTHORITY\SYSTEM
BuiltinAdministratorsSid (S-1-5-32-544): BUILTIN\Administrators


Enjoy!

Comments (0)

Skip to main content