date: Thu, 12 May 2005 14:27:19 -0400,
group: microsoft.public.platformsdk.adsi
foreignsecurityprincipal SID > UserID
I have 2 domains. One is a user domain, and the other is a resource domain. I want to authenticate the users against the user domain, but then get their permissions from the resource domain (where they are FSPs). I can get a listing of the SIDs from the FSP folder, but I cannot find the right property to get the domain\username returned. The code below works great for the user domain, and I am using it as the basis for my FSP search, but I need help returning a real name and not a SID. I am NOT using ADAM (whatever that is).
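''' <summary>
''' Checks a user's credentials by binding to the directory at _path as domain\username,
''' then looks the account up by sAMAccountName and stores the entry's path and cn in
''' _path and _filterAttribute.
''' </summary>
''' <param name="domain">Domain name placed in front of the user name as domain\username.</param>
''' <param name="username">Account name supplied by the caller; treated as untrusted input.</param>
''' <param name="pwd">Password used for the bind.</param>
''' <returns>
''' True when the bind succeeds and the account is found; False in every other case,
''' including any exception raised while binding or searching.
''' </returns>
Public Function IsAuthenticated(ByVal domain As String, ByVal username As String, ByVal pwd As String) As Boolean
    ' Fail closed on blank credentials: a directory bind with an empty password can be
    ' accepted as an anonymous bind instead of being rejected as a bad login.
    If username Is Nothing OrElse username.Length = 0 OrElse pwd Is Nothing OrElse pwd.Length = 0 Then
        Return False
    End If

    Dim domainAndUsername As String = domain + "\" + username
    Debug.WriteLine(_path)

    ' Escape the RFC 4515 filter metacharacters so a crafted user name cannot change the
    ' meaning of the search filter. The backslash has to be replaced first, otherwise the
    ' escapes added by the later replacements would be escaped again.
    Dim escapedUsername As String = username.Replace("\", "\5c")
    escapedUsername = escapedUsername.Replace("*", "\2a")
    escapedUsername = escapedUsername.Replace("(", "\28")
    escapedUsername = escapedUsername.Replace(")", "\29")
    escapedUsername = escapedUsername.Replace(Convert.ToChar(0).ToString(), "\00")

    Dim entry As DirectoryEntry = Nothing
    Dim search As DirectorySearcher = Nothing
    Try
        ' Request a negotiated (Kerberos/NTLM) bind explicitly rather than relying on the
        ' framework default, so the password is not sent in a plain simple bind.
        entry = New DirectoryEntry(_path, domainAndUsername, pwd, AuthenticationTypes.Secure)

        ' Reading NativeObject forces ADSI to bind; bad credentials raise an exception here.
        Dim obj As Object = entry.NativeObject

        search = New DirectorySearcher(entry)
        search.Filter = "(SAMAccountName=" + escapedUsername + ")"
        search.PropertiesToLoad.Add("cn")

        Dim result As SearchResult = search.FindOne

        ' Test for "not found" before touching the result. The original dereferenced it
        ' first and relied on the Catch block to turn the NullReferenceException into False.
        If result Is Nothing Then
            Return False
        End If

        _path = result.Path
        _filterAttribute = CType(result.Properties("cn")(0), String)

        Dim message As New StringBuilder
        message.AppendFormat("{0}={1}", "Path", _path)
        message.Append(Environment.NewLine)
        message.AppendFormat("{0}={1}", "FilterAttribute", _filterAttribute)
        Debug.WriteLine(message.ToString)

        Return True
    Catch ex As Exception
        ' Any failure means "not authenticated". The original also had an unreachable
        ' "Return True" after the Try block; it is removed so no path can fall through
        ' to a successful result.
        Return False
    Finally
        ' Release the underlying ADSI/COM objects on every path.
        If Not search Is Nothing Then
            search.Dispose()
        End If
        If Not entry Is Nothing Then
            entry.Dispose()
        End If
    End Try
End Function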
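''' <summary>
''' Reads the memberOf attribute of the entry whose cn equals _filterAttribute and returns
''' the first RDN value of each group DN, each followed by a "|" separator.
''' </summary>
''' <returns>
''' The "|"-terminated list of group names (empty when memberOf has no values), or Nothing
''' when a memberOf value contains no "=" to parse.
''' </returns>
''' <remarks>
''' memberOf lists direct memberships only; the primary group and groups reached through
''' nesting are not in it, so the result should not be treated as a complete picture of the
''' user's effective permissions.
''' </remarks>
Public Function GetGroups() As String
    ' NOTE(review): the single-String DirectorySearcher constructor takes a search FILTER,
    ' not a path, and the filter is overwritten on the next line. The search root is therefore
    ' the default one rather than _path. Confirm this is intended before relying on it in a
    ' multi-domain setup.
    Dim search As DirectorySearcher = New DirectorySearcher(_path)

    ' The cn comes from the directory and may legitimately contain filter metacharacters,
    ' for example parentheses. Escape them per RFC 4515 (backslash first) so the value cannot
    ' break or alter the filter.
    Dim escapedCn As String = _filterAttribute.Replace("\", "\5c")
    escapedCn = escapedCn.Replace("*", "\2a")
    escapedCn = escapedCn.Replace("(", "\28")
    escapedCn = escapedCn.Replace(")", "\29")
    escapedCn = escapedCn.Replace(Convert.ToChar(0).ToString(), "\00")

    search.Filter = "(cn=" + escapedCn + ")"
    search.PropertiesToLoad.Add("memberOf")
    Dim groupNames As StringBuilder = New StringBuilder
    Try
        Dim result As SearchResult = search.FindOne
        If result Is Nothing Then
            ' Surfaced to the caller through the Catch block below, as before, but with a
            ' message that says what went wrong.
            Throw New InvalidOperationException("No directory entry matched the cached cn.")
        End If

        Dim propertyCount As Integer = result.Properties("memberOf").Count
        Dim dn As String
        Dim equalsIndex As Integer
        Dim commaIndex As Integer
        Dim propertyCounter As Integer

        ' A plain counted loop replaces the Math.Min(Interlocked.Increment(...)) expression,
        ' which was only a converter's rendering of "propertyCounter++".
        For propertyCounter = 0 To propertyCount - 1
            dn = CType(result.Properties("memberOf")(propertyCounter), String)
            equalsIndex = dn.IndexOf("=", 1)
            If -1 = equalsIndex Then
                Return Nothing
            End If

            ' Look for the comma after the "=" and accept a DN with a single component.
            ' The original passed a negative length to Substring in that case.
            ' An escaped comma inside the group's name ("\,") still ends the name early.
            commaIndex = dn.IndexOf(",", equalsIndex + 1)
            If -1 = commaIndex Then
                commaIndex = dn.Length
            End If

            groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex - equalsIndex) - 1))
            groupNames.Append("|")
        Next
    Catch ex As Exception
        ' Keep the original exception as InnerException so its type and stack trace survive.
        Throw New Exception("Error obtaining group names. " + ex.Message, ex)
    Finally
        search.Dispose()
    End Try
    Debug.WriteLine(groupNames.ToString)
    Return groupNames.ToString
End Function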
--
--Eric Cathell, MCSA
date: Thu, 12 May 2005 14:27:19 -0400
author: ECathell
Re: foreignsecurityprincipal SID > UserID
You need to convert the SID to a name. The fastest way of doing it would be
through a SID-to-name API call like LsaLookupSids or LookupAccountSid.
There may be .NET-specific versions of the calls as well, but I am not familiar
with them.
--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net
ECathell wrote:
> I have 2 domains. One is a user domain, and the other is a resource
> domain. I want to authenticate the users against the user domain, but
> then get their permissions from the resource domain(where they are FSPs)
> I can get a listing of the sids from the FSP folder, but I can not get
> the correct variable to have the domain\username returned. The below
> code works great for the user domain. And I am using it as a basis for
> my FSP search. But I need the help on returning a real name and not a
> SID. I am NOT using ADAM(whatever that is).
>
>
> Public Function IsAuthenticated(ByVal domain As String, ByVal username
> As String, ByVal pwd As String) As Boolean
>
> Dim domainAndUsername As String = domain + "\" + username
>
> Debug.WriteLine(_path)
>
>
>
> Dim entry As DirectoryEntry = New DirectoryEntry(_path,
> domainAndUsername, pwd)
>
>
>
> Try
>
> Dim obj As Object = entry.NativeObject
>
> Dim search As DirectorySearcher = New
> DirectorySearcher(entry)
>
> search.Filter = "(SAMAccountName=" + username + ")"
>
> search.PropertiesToLoad.Add("cn")
>
> Dim result As SearchResult = search.FindOne
>
>
>
> _path = result.Path
>
> _filterAttribute = CType(result.Properties("cn")(0), String)
>
>
>
> Dim message As New StringBuilder
>
> message.AppendFormat("{0}={1}", "Path", _path)
>
> message.Append(Environment.NewLine)
>
> message.AppendFormat("{0}={1}", "FilterAttribute",
> _filterAttribute)
>
> Debug.WriteLine(message.ToString)
>
> If result Is Nothing Then
>
> Return False
>
> Else
>
> Return True
>
> End If
>
>
>
> Catch ex As Exception
>
> Return False
>
>
>
> End Try
>
> Return True
>
> End Function
>
>
>
> Public Function GetGroups() As String
>
> Dim search As DirectorySearcher = New DirectorySearcher(_path)
>
> search.Filter = "(cn=" + _filterAttribute + ")"
>
> search.PropertiesToLoad.Add("memberOf")
>
> Dim groupNames As StringBuilder = New StringBuilder
>
> Try
>
> Dim result As SearchResult = search.FindOne
>
> Dim propertyCount As Integer =
> result.Properties("memberOf").Count
>
> Dim dn As String
>
> Dim equalsIndex As Integer
>
> Dim commaIndex As Integer
>
> Dim propertyCounter As Integer = 0
>
> While propertyCounter < propertyCount
>
> dn =
> CType(result.Properties("memberOf")(propertyCounter), String)
>
> equalsIndex = dn.IndexOf("=", 1)
>
> commaIndex = dn.IndexOf(",", 1)
>
> If -1 = equalsIndex Then
>
> Return Nothing
>
> End If
>
> groupNames.Append(dn.Substring((equalsIndex + 1),
> (commaIndex - equalsIndex) - 1))
>
> groupNames.Append("|")
>
>
> System.Math.Min(System.Threading.Interlocked.Increment(propertyCounter),
> propertyCounter - 1)
>
> End While
>
> Catch ex As Exception
>
> Throw New Exception("Error obtaining group names. " +
> ex.Message)
>
> End Try
>
> Debug.WriteLine(groupNames.ToString)
>
> Return groupNames.ToString
>
> End Function
>
>
> --
> --Eric Cathell, MCSA
date: Fri, 13 May 2005 13:28:14 -0400
author: Joe Richards [MVP]
Re: foreignsecurityprincipal SID > UserID
Knowing you, I know you don't really want to know :), but for posterity's
sake: .NET 1.x requires you to p/invoke the Windows API functions, but .NET
2.0 has built-in support for this stuff with the new IdentityReference
classes.
Joe K.
"Joe Richards [MVP]" wrote in message
news:OXQ3lE%23VFHA.584@TK2MSFTNGP15.phx.gbl...
> You need to convert the SID to a name. The fastest way of doing it would
> be through a sid to name API call like LsaLookupSids or LookupAccountSid.
>
> There may be a NET specific version of the calls as well, but I am not
> familiar with them.
>
>
> --
> Joe Richards Microsoft MVP Windows Server Directory Services
> www.joeware.net
>
>
> ECathell wrote:
>> I have 2 domains. One is a user domain, and the other is a resource
>> domain. I want to authenticate the users against the user domain, but
>> then get their permissions from the resource domain(where they are FSPs)
>> I can get a listing of the sids from the FSP folder, but I can not get
>> the correct variable to have the domain\username returned. The below code
>> works great for the user domain. And I am using it as a basis for my FSP
>> search. But I need the help on returning a real name and not a SID. I am
>> NOT using ADAM(whatever that is).
>> Public Function IsAuthenticated(ByVal domain As String, ByVal username
>> As String, ByVal pwd As String) As Boolean
>>
>> Dim domainAndUsername As String = domain + "\" + username
>>
>> Debug.WriteLine(_path)
>>
>> Dim entry As DirectoryEntry = New DirectoryEntry(_path,
>> domainAndUsername, pwd)
>>
>> Try
>>
>> Dim obj As Object = entry.NativeObject
>>
>> Dim search As DirectorySearcher = New
>> DirectorySearcher(entry)
>>
>> search.Filter = "(SAMAccountName=" + username + ")"
>>
>> search.PropertiesToLoad.Add("cn")
>>
>> Dim result As SearchResult = search.FindOne
>>
>> _path = result.Path
>>
>> _filterAttribute = CType(result.Properties("cn")(0),
>> String)
>>
>> Dim message As New StringBuilder
>>
>> message.AppendFormat("{0}={1}", "Path", _path)
>>
>> message.Append(Environment.NewLine)
>>
>> message.AppendFormat("{0}={1}", "FilterAttribute",
>> _filterAttribute)
>>
>> Debug.WriteLine(message.ToString)
>>
>> If result Is Nothing Then
>>
>> Return False
>>
>> Else
>>
>> Return True
>>
>> End If
>>
>> Catch ex As Exception
>>
>> Return False
>>
>> End Try
>>
>> Return True
>>
>> End Function
>>
>> Public Function GetGroups() As String
>>
>> Dim search As DirectorySearcher = New
>> DirectorySearcher(_path)
>>
>> search.Filter = "(cn=" + _filterAttribute + ")"
>>
>> search.PropertiesToLoad.Add("memberOf")
>>
>> Dim groupNames As StringBuilder = New StringBuilder
>>
>> Try
>>
>> Dim result As SearchResult = search.FindOne
>>
>> Dim propertyCount As Integer =
>> result.Properties("memberOf").Count
>>
>> Dim dn As String
>>
>> Dim equalsIndex As Integer
>>
>> Dim commaIndex As Integer
>>
>> Dim propertyCounter As Integer = 0
>>
>> While propertyCounter < propertyCount
>>
>> dn =
>> CType(result.Properties("memberOf")(propertyCounter), String)
>>
>> equalsIndex = dn.IndexOf("=", 1)
>>
>> commaIndex = dn.IndexOf(",", 1)
>>
>> If -1 = equalsIndex Then
>>
>> Return Nothing
>>
>> End If
>>
>> groupNames.Append(dn.Substring((equalsIndex + 1),
>> (commaIndex - equalsIndex) - 1))
>>
>> groupNames.Append("|")
>>
>>
>> System.Math.Min(System.Threading.Interlocked.Increment(propertyCounter),
>> propertyCounter - 1)
>>
>> End While
>>
>> Catch ex As Exception
>>
>> Throw New Exception("Error obtaining group names. " +
>> ex.Message)
>>
>> End Try
>>
>> Debug.WriteLine(groupNames.ToString)
>>
>> Return groupNames.ToString
>>
>> End Function
>>
>>
>> --
>> --Eric Cathell, MCSA
date: Fri, 13 May 2005 20:53:53 -0500
author: Joe Kaplan \(MVP - ADSI\)
Re: foreignsecurityprincipal SID > UserID
:o)
--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net
Joe Kaplan (MVP - ADSI) wrote:
> Knowing you, I know you don't really want to know :), but for posterity
> sake, .NET 1.x requires you to p/invoke the Windows API functions, but .NET
> 2.0 has built-in support for this stuff with the new IdentityReference
> classes.
>
> Joe K.
>
> "Joe Richards [MVP]" wrote in message
> news:OXQ3lE%23VFHA.584@TK2MSFTNGP15.phx.gbl...
>
>>You need to convert the SID to a name. The fastest way of doing it would
>>be through a sid to name API call like LsaLookupSids or LookupAccountSid.
>>
>>There may be a NET specific version of the calls as well, but I am not
>>familiar with them.
>>
>>
>>--
>>Joe Richards Microsoft MVP Windows Server Directory Services
>>www.joeware.net
>>
>>
>>ECathell wrote:
>>
>>>I have 2 domains. One is a user domain, and the other is a resource
>>>domain. I want to authenticate the users against the user domain, but
>>>then get their permissions from the resource domain(where they are FSPs)
>>>I can get a listing of the sids from the FSP folder, but I can not get
>>>the correct variable to have the domain\username returned. The below code
>>>works great for the user domain. And I am using it as a basis for my FSP
>>>search. But I need the help on returning a real name and not a SID. I am
>>>NOT using ADAM(whatever that is).
>>> Public Function IsAuthenticated(ByVal domain As String, ByVal username
>>>As String, ByVal pwd As String) As Boolean
>>>
>>> Dim domainAndUsername As String = domain + "\" + username
>>>
>>> Debug.WriteLine(_path)
>>>
>>> Dim entry As DirectoryEntry = New DirectoryEntry(_path,
>>>domainAndUsername, pwd)
>>>
>>> Try
>>>
>>> Dim obj As Object = entry.NativeObject
>>>
>>> Dim search As DirectorySearcher = New
>>>DirectorySearcher(entry)
>>>
>>> search.Filter = "(SAMAccountName=" + username + ")"
>>>
>>> search.PropertiesToLoad.Add("cn")
>>>
>>> Dim result As SearchResult = search.FindOne
>>>
>>> _path = result.Path
>>>
>>> _filterAttribute = CType(result.Properties("cn")(0),
>>>String)
>>>
>>> Dim message As New StringBuilder
>>>
>>> message.AppendFormat("{0}={1}", "Path", _path)
>>>
>>> message.Append(Environment.NewLine)
>>>
>>> message.AppendFormat("{0}={1}", "FilterAttribute",
>>>_filterAttribute)
>>>
>>> Debug.WriteLine(message.ToString)
>>>
>>> If result Is Nothing Then
>>>
>>> Return False
>>>
>>> Else
>>>
>>> Return True
>>>
>>> End If
>>>
>>> Catch ex As Exception
>>>
>>> Return False
>>>
>>> End Try
>>>
>>> Return True
>>>
>>> End Function
>>>
>>> Public Function GetGroups() As String
>>>
>>> Dim search As DirectorySearcher = New
>>>DirectorySearcher(_path)
>>>
>>> search.Filter = "(cn=" + _filterAttribute + ")"
>>>
>>> search.PropertiesToLoad.Add("memberOf")
>>>
>>> Dim groupNames As StringBuilder = New StringBuilder
>>>
>>> Try
>>>
>>> Dim result As SearchResult = search.FindOne
>>>
>>> Dim propertyCount As Integer =
>>>result.Properties("memberOf").Count
>>>
>>> Dim dn As String
>>>
>>> Dim equalsIndex As Integer
>>>
>>> Dim commaIndex As Integer
>>>
>>> Dim propertyCounter As Integer = 0
>>>
>>> While propertyCounter < propertyCount
>>>
>>> dn =
>>>CType(result.Properties("memberOf")(propertyCounter), String)
>>>
>>> equalsIndex = dn.IndexOf("=", 1)
>>>
>>> commaIndex = dn.IndexOf(",", 1)
>>>
>>> If -1 = equalsIndex Then
>>>
>>> Return Nothing
>>>
>>> End If
>>>
>>> groupNames.Append(dn.Substring((equalsIndex + 1),
>>>(commaIndex - equalsIndex) - 1))
>>>
>>> groupNames.Append("|")
>>>
>>>
>>>System.Math.Min(System.Threading.Interlocked.Increment(propertyCounter),
>>>propertyCounter - 1)
>>>
>>> End While
>>>
>>> Catch ex As Exception
>>>
>>> Throw New Exception("Error obtaining group names. " +
>>>ex.Message)
>>>
>>> End Try
>>>
>>> Debug.WriteLine(groupNames.ToString)
>>>
>>> Return groupNames.ToString
>>>
>>> End Function
>>>
>>>
>>>--
>>>--Eric Cathell, MCSA
>
>
>
date: Fri, 13 May 2005 23:08:08 -0400
author: Joe Richards [MVP]