Post by Fabio Siciliano on Nov 10, 2020 15:22:50 GMT -5
Hi there, I have no problems in getting the SID given a Windows user name but, trying to get back the user name given the SID simply does not work for me.
I wrote a function that receives a SID string (e.g. "S-1-5-21-3644308825-3751170596-1852819909-1008") and should return the user name.
The #advapi32 "LookupAccountSidA" function does not accept a SID string, it has to be converted in a binary format by using the #advapi32 "ConvertStringSidToSidA" function.
The #advapi32 "ConvertStringSidToSidA" function accepts the SID string and requires an output SID struct (pSid).
The problem is, the #advapi32 "ConvertStringSidToSidA" function returns the error 1337 - invalid security ID (SID) structure.
So, the root of this evil seems to be a wrong SID structure definition (pSid) but, hunting high and low through the Microsoft documentation and the Internet, I was not able to find the clue, so far.
Below you can find my sample program.
Thank you in advance!
Fabio
I wrote a function that receives a SID string (e.g. "S-1-5-21-3644308825-3751170596-1852819909-1008") and should return the user name.
The #advapi32 "LookupAccountSidA" function does not accept a SID string, it has to be converted in a binary format by using the #advapi32 "ConvertStringSidToSidA" function.
The #advapi32 "ConvertStringSidToSidA" function accepts the SID string and requires an output SID struct (pSid).
The problem is, the #advapi32 "ConvertStringSidToSidA" function returns the error 1337 - invalid security ID (SID) structure.
So, the root of this evil seems to be a wrong SID structure definition (pSid) but, hunting high and low through the Microsoft documentation and the Internet, I was not able to find the clue, so far.
Below you can find my sample program.
Thank you in advance!
Fabio
nomainwin
global nul$ : nul$ = chr$(0)
global cr$ : cr$ = chr$(13)
global cr2$ : cr2$ = cr$; cr$
global caption$ : caption$ = "SID2User"; cr$
'** ConvertSidToStringSidA, ConvertStringSidToSidA (advapi32)
struct StringSid, StringSid as ptr
'** FormatMessageA (kernel32)
struct lpSource, lpSource as long
struct Arguments, Arguments as long
'** LookupAccountSidA (advapi32)
struct pSid, pSid as long
'** LookupAccountNameA, LookupAccountSidA (advapi32)
struct cbSid, cbSid as long
struct cchReferencedDomainName, cchReferencedDomainName as long
struct peUse, _ ' enum _SID_NAME_USE
SidTypeUser as long, _
SidTypeGroup as long, _
SidTypeDomain as long, _
SidTypeAlias as long, _
SidTypeWellKnownGroup as long, _
SidTypeDeletedAccount as long, _
SidTypeInvalid as long, _
SidTypeUnknown as long, _
SidTypeComputer as long, _
SidTypeLabel as long
'** ConvertStringSidToSidA, LookupAccountSidA (advapi32)
struct IdentifierAuthority, IdentifierAuthority as char[6]
struct pSid, _
Revision as char[1], _
SubAuthorityCount as char[1], _
IdentifierAuthority as struct, _
SubAuthority as ulong
pSid.IdentifierAuthority.struct = IdentifierAuthority.struct
SID$ = "S-1-5-21-3644308825-3751170596-1852819909-1008"
user$ = getUser$(SID$)
if user$ = "" then notice "ERROR!" else notice user$
end
[getUser]
function getUser$(SID$)
StringSid.StringSid.struct = SID$; nul$
open "advapi32" for dll as #advapi32
calldll #advapi32, "ConvertStringSidToSidA", StringSid as struct, pSid as struct, r as long
if r = 0 then
calldll #kernel32, "GetLastError", r as long
r$ = "ConvertStringSidToSidA (advapi32) = "; str$(r)
notice caption$; formatMessage$(r$, r)
goto [quit]
end if
calldll #advapi32, "LookupAccountSidA", _
0 as long, _
pSid as struct, _
0 as long, _
lpcchName as ulong, _
0 as long, _
lpcchReferencedDomainName as ulong, _
peUse as struct, _
r as long
lpName$ = space$(lpcchName - 1); nul$
lpReferencedDomainName$ = space$(lpcchReferencedDomainName - 1); nul$
calldll #advapi32, "LookupAccountSidA", _
0 as long, _
pSid as struct, _
lpName$ as ptr, _
lpcchName as ulong, _
lpReferencedDomainName$ as ptr, _
lpcchReferencedDomainName as ulong, _
peUse as struct, _
r as long
if r = 0 then
calldll #kernel32, "GetLastError", r as long
r$ = "LookupAccountSidA (advapi32) = "; str$(r)
notice caption$; formatMessage$(r$, r)
goto [quit]
end if
getUser$ = trim$(lpName$)
[quit]
close #advapi32
end function
[formatMessage]
function formatMessage$(source$, rc)
dwFlags = _FORMAT_MESSAGE_FROM_SYSTEM or _FORMAT_MESSAGE_ALLOCATE_BUFFER
dwMessageId = rc
calldll #kernel32, "FormatMessageA", _
dwFlags as long, _
lpSource as struct, _
dwMessageId as long, _
dwLanguageId as long, _
lpBuffer$ as ptr, _
nSize as long, _
Arguments as struct, _
r as long
dwFlags = _FORMAT_MESSAGE_FROM_SYSTEM
nSize = r + 1
lpBuffer$ = space$(nSize) + nul$
calldll #kernel32, "FormatMessageA", _
dwFlags as long, _
lpSource as struct, _
dwMessageId as long, _
dwLanguageId as long, _
lpBuffer$ as ptr, _
nSize as long, _
Arguments as struct, _
r as long
if r then
formatMessage$ = source$; cr2$; trim$(lpBuffer$)
else
formatMessage$ = translate$("No further info is available"); "."
end if
lpBuffer$ = ""
end function
[translate]
function translate$(text$)
translate$ = text$
end function