
How to get/find domain sid from machine sid

I can get machine Sid like below:

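// Namespaces: System, System.Linq, System.DirectoryServices, System.Security.Principal
// Bind to the local account database (WinNT provider) of this computer.
var dir = new DirectoryEntry($"WinNT://{Environment.MachineName},Computer");
// Read the SID of the first local child object (a local account).
var objSid = dir.Children.Cast<DirectoryEntry>().First().InvokeGet("objectSID");
var secId = new SecurityIdentifier((byte[])objSid, 0);
// Dropping the trailing RID leaves the machine SID.
var machineSid = secId.AccountDomainSid.ToString();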

I tried to find computer Sid from machine Sid but it is always NULL.

// Namespace: System.DirectoryServices.AccountManagement
using (PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, "AbcDomain", "userName", "password"))
{
    // Lookup by the local machine SID.
    var pc01 = ComputerPrincipal.FindByIdentity(principalContext, IdentityType.Sid, machineSid);
    //output: pc01 = null
    // Lookup by computer name.
    var pc02 = ComputerPrincipal.FindByIdentity(principalContext, IdentityType.Name, "PC-JACKML5291");
    //output: pc02...
}

I want to check for a duplicate machine SID before calling JoinDomainOrWorkgroup. Can I get the computer SID (joined domain) from the machine SID?

The machine SID is not the same as the SID of the computer object on the domain. They are different.

According to this article,

in order to assure uniqueness, the SID that Setup generates has one fixed subauthority value (21) and three randomly-generated subauthority values (the numbers following “S-1-5-21” in the output).

If you want the SID of the computer object on the domain, you will have to search for the object by the computer name.
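The difference described in the answer, as an added example that is not part of the original post. The two SID strings are constructed sample values, and the class and method names are hypothetical; `ComputerObjectSidByName` needs a reachable domain, while `Main` runs offline on Windows.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Security.Principal;

static class SidComparison
{
    // Constructed sample values, not taken from any real machine or domain.
    const string LocalAccountSid   = "S-1-5-21-1004336348-1177238915-682003330-500";
    const string ComputerObjectSid = "S-1-5-21-3623811015-3361044348-30300820-1105";

    // The machine SID is the SID of any local account with its trailing RID removed.
    static SecurityIdentifier MachineSidFrom(string localAccountSid) =>
        new SecurityIdentifier(localAccountSid).AccountDomainSid;

    // Resolve the computer object by name, as the answer advises, and return its SID.
    static SecurityIdentifier ComputerObjectSidByName(PrincipalContext ctx, string computerName)
    {
        using (var pc = ComputerPrincipal.FindByIdentity(ctx, IdentityType.Name, computerName))
            return pc?.Sid; // null when the domain has no computer object with that name
    }

    static void Main()
    {
        var machineSid  = MachineSidFrom(LocalAccountSid);
        var computerSid = new SecurityIdentifier(ComputerObjectSid);

        Console.WriteLine($"machine SID         : {machineSid}");
        Console.WriteLine($"computer object SID : {computerSid}");

        // A computer object's SID is the domain's SID plus a RID issued by the domain,
        // so its domain part is the domain SID, not the member's machine SID.
        Console.WriteLine($"domain part         : {computerSid.AccountDomainSid}");
        Console.WriteLine($"domain part == machine SID? {machineSid.Equals(computerSid.AccountDomainSid)}");

        // The machine SID has no RID, so it cannot equal any account SID in the domain,
        // which is why a FindByIdentity lookup keyed on it finds nothing.
        Console.WriteLine($"machine SID == computer object SID? {machineSid.Equals(computerSid)}");
    }
}
```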
