Converting objectSid to string


I was writing a tool yesterday that involved mucking with Active Directory and such. During the process I realized that I needed to save the objectSid of the user for later use. AD defines this property as “Octet string”, saved as bytes. Following the general wisdom and internet advice to convert this byte array into a proper SID did not work.

A little more digging and I found a simple class in the .NET Framework – SecurityIdentifier


MSDN defines this class as “Represents a security identifier (SID) and provides marshaling and comparison operations for SIDs.”

At this point, it becomes a simple matter of instantiating this class and calling ToString:

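using System.Security.Principal;

// objectSid is the raw byte[] value read from the directory entry.
private static string ConvertSidToString(byte[] objectSid)
{
    // The second argument is the byte offset at which the SID starts in the array.
    SecurityIdentifier si = new SecurityIdentifier(objectSid, 0);
    return si.ToString();   // SDDL form, e.g. "S-1-5-21-..."
}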
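
For reference, the binary SID layout that SecurityIdentifier parses can also be decoded by hand, which shows why treating the bytes as one number or a plain hex string gives the wrong result. This is an added example, not code from the original post; the class name SidDecoder and the sample bytes are constructed for illustration, and the identifier authority is assumed to be small enough to print in decimal.

```csharp
using System;
using System.Text;

static class SidDecoder
{
    // Decodes a binary SID (as stored in objectSid) into "S-R-I-S-S..." form.
    public static string Decode(byte[] sid)
    {
        if (sid == null || sid.Length < 8)
            throw new ArgumentException("SID must be at least 8 bytes.");

        byte revision = sid[0];          // byte 0: revision, always 1
        int subAuthorityCount = sid[1];  // byte 1: number of sub-authorities

        if (revision != 1)
            throw new ArgumentException("Unsupported SID revision.");
        if (subAuthorityCount > 15)
            throw new ArgumentException("SID has too many sub-authorities.");
        if (sid.Length != 8 + 4 * subAuthorityCount)
            throw new ArgumentException("Length does not match sub-authority count.");

        // Bytes 2..7: identifier authority, 48 bits, BIG-endian.
        long authority = 0;
        for (int i = 2; i < 8; i++)
            authority = (authority << 8) | sid[i];

        var sb = new StringBuilder();
        sb.Append("S-").Append(revision).Append('-').Append(authority);

        // Remaining bytes: sub-authorities, 32 bits each, LITTLE-endian, unsigned.
        for (int i = 0; i < subAuthorityCount; i++)
        {
            int o = 8 + 4 * i;
            uint sub = (uint)(sid[o] | sid[o + 1] << 8 | sid[o + 2] << 16 | sid[o + 3] << 24);
            sb.Append('-').Append(sub);
        }
        return sb.ToString();
    }

    static void Main()
    {
        // Constructed sample bytes for S-1-5-21-1-2-3-1104 (not a real account).
        byte[] sample = {
            0x01, 0x05, 0, 0, 0, 0, 0, 0x05,   // revision 1, 5 sub-authorities, authority 5
            0x15, 0, 0, 0,  1, 0, 0, 0,  2, 0, 0, 0,  3, 0, 0, 0,
            0x50, 0x04, 0, 0                   // RID 1104 = 0x0450, little-endian
        };
        Console.WriteLine(Decode(sample));
    }
}
```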

Happy coding!


Comments (2)

  1. Jag says:

    Thanks man…Saved me a bit of time 🙂

  2. raheel says:

    Please tell in detail. I want to view the SID; my code is as follows:

     DirectoryEntry de = new DirectoryEntry(ConfigurationManager.AppSettings.Get("ADPath"));

     // Authentication details
     de.Username = ConfigurationManager.AppSettings.Get("ADServiceAccount"); //DOMAINUser
     de.Password = ConfigurationManager.AppSettings.Get("ADServiceAccountPassword");
     de.AuthenticationType = AuthenticationTypes.FastBind;

     DirectorySearcher DirectorySearcher = new DirectorySearcher(de);
     DirectorySearcher.ClientTimeout = TimeSpan.FromSeconds(30);

     // load the properties we are interested in
     DirectorySearcher.PropertiesToLoad.Add("cn");
     DirectorySearcher.PropertiesToLoad.Add("sAMAccountName");
     DirectorySearcher.PropertiesToLoad.Add("mail");
     DirectorySearcher.PropertiesToLoad.Add("displayName");
     DirectorySearcher.PropertiesToLoad.Add("mDBStorageQuota");
     DirectorySearcher.PropertiesToLoad.Add("title");
     DirectorySearcher.PropertiesToLoad.Add("physicalDeliveryOfficeName");
     DirectorySearcher.PropertiesToLoad.Add("telephoneNumber");
     DirectorySearcher.PropertiesToLoad.Add("manager");
     DirectorySearcher.PropertiesToLoad.Add("objectSID");

     // filter it on exact entry – NOTE no wild card
     DirectorySearcher.Filter = "(displayName=" + fullUserName.Trim() + ")";

     SearchResult result;

     // There should only be one entry
     result = DirectorySearcher.FindOne();

     if (result != null)
     {
         // Create a table and populate it with properties to bind to gridview
         DataTable myTable = new DataTable("ActiveDir");
         myTable.Columns.Add(new DataColumn("Key", System.Type.GetType("System.String")));
         myTable.Columns.Add(new DataColumn("Value", System.Type.GetType("System.String")));

         DataRow myRow;

         foreach (string propname in result.Properties.PropertyNames)
         {
             foreach (Object objValue in result.Properties[propname])
             {
                 myRow = myTable.NewRow();
                 myRow[0] = propname;
                 myRow[1] = objValue.ToString();
                 myTable.Rows.Add(myRow);
             }
         }

         return myTable;
     }
     else
     {
         return null;
     }