Menu
Using VB.NET, How do you Convert the sid to Group Name with Active Directory?
example: I need to get "group_test" and not "S-1-5-32-544"
The code I'm using is:
Public ReadOnly Property Groups As IdentityReferenceCollection
Get
Dim irc As IdentityReferenceCollection
Dim ir As IdentityReference
irc = WindowsIdentity.GetCurrent().Groups
Dim strGroupName As String
For Each ir In irc
Dim mktGroup As IdentityReference = ir.Translate(GetType(NTAccount))
MsgBox(mktGroup.Value)
Debug.WriteLine(mktGroup.Value)
strGroupName = mktGroup.Value.ToString
Next
Return irc
End Get
End Property
or something like this?
currentUser = WindowsIdentity.GetCurrent()
For Each refGroup As IdentityReference In currentUser.Groups
Dim acc As NTAccount = TryCast(refGroup.Translate(GetType(NTAccount)), NTAccount)
If AdminGroupName = acc.Value Then
ret = "999"
End If
If UsersGroupName = acc.Value Then
ret = "1"
End If
how would u adapt it to this code? (if user is in xx group, show xx group on drop down list)
For Each UserGroup In WindowsIdentity.GetCurrent().Groups
If mktGroup.Value = "BIG" Then
Dim Company = ac1.Cast(Of MarketingCompany).Where(Function(ac) ac.MarketingCompanyShort = "BIG").FirstOrDefault
If Company IsNot Nothing Then
marketingCo.Items.Add(String.Format("{0} | {1}", Company.MarketingCompanyShort, Company.MarketingCompanyName))
End If
End If
Next
962
The Get-ADGroup cmdlet gets a group or performs a search to retrieve multiple groups from an Active Directory. The Identity parameter specifies the Active Directory group to get. You can identify a group by its distinguished name (DN), GUID, security identifier (SID), or Security Accounts Manager (SAM) account name.
Like users and computers, we can also get a SID of a group since groups are considered AD objects. To get AD group SID in the active directory, use the Get-ADGroup cmdlet. The Get-ADGroup cmdlet gets a group account specified by the Identity parameter in the PowerShell script.
Start the registry editor. Move to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList. Select each SID under this in turn and look at the ProfileImagePath and at the end of this string is the name of the user.
Code in C#:
public static string GetGroupNameBySid(string sid)
{
using(var ctx =
new PrincipalContext(ContextType.Domain))
{
using(var group =
GroupPrincipal.FindByIdentity(
ctx,
IdentityType.Sid,
sid))
{
return group.SamAccountName;
}
}
}
You must add assembly System.DirectoryServices.AccountManagement.dll. If you have any troubles with connection to AD, you can try adding AD server name in PrincipalContext constructor.
141
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
