V
VictorG
Hello,
The below C# code works fine in obtaining the windows user's account
SID when the user is local to the machine. It throws a "Not Found"
exception when trying top obtain the SID for a user who is on a
domain, but logged in locally. Specifically, for a corporate domain -
the user logs into the local desktop and has a local profile - not a
roaming profile.
The below code is implemented in an NT service for the purpose of
allowing the service to access the user's registry hive under "current
user". Since the service runs under the SYSTEM account the current
user mapping is for the default SYSTEM account. We impersonate the
logged in windows user and then simulate the current user mapping by
using the SID and accessing the HKEY_USER hive (basically the same as
accessing the current user hive). This works fine for windows users
who are named: machineName/userName but not for CORPORATE/userName.
Is this SID available through WMI? Is there a different string I need
to query for it? Could there be security settings on this corporate
account? I am running under the SYTSTEM account so I should have full
privileges?
Here is the code:
string slash = @"\";
int pos = winUserName.IndexOfAny(slash.ToCharArray());
string machineName = winUserName.Substring(0, pos);
string userName = winUserName.Substring(pos + 1, winUserName.Length -
pos - 1);
// Use WMI to get the SID of the user
string p = String.Format("ROOT\\CIMV2:Win32_UserAccount.Domain=
\"{0}\",Name=\"{1}\"", machineName, userName);
ManagementPath path = new ManagementPath(p);
System.Management.ManagementObject account = new
ManagementObject(path);
sid = account["SID"] as string;
account.Dispose();
Any ideas or suggestion will be greatly appreciated.
Thanks,
Victor Grippi
The below C# code works fine in obtaining the windows user's account
SID when the user is local to the machine. It throws a "Not Found"
exception when trying top obtain the SID for a user who is on a
domain, but logged in locally. Specifically, for a corporate domain -
the user logs into the local desktop and has a local profile - not a
roaming profile.
The below code is implemented in an NT service for the purpose of
allowing the service to access the user's registry hive under "current
user". Since the service runs under the SYSTEM account the current
user mapping is for the default SYSTEM account. We impersonate the
logged in windows user and then simulate the current user mapping by
using the SID and accessing the HKEY_USER hive (basically the same as
accessing the current user hive). This works fine for windows users
who are named: machineName/userName but not for CORPORATE/userName.
Is this SID available through WMI? Is there a different string I need
to query for it? Could there be security settings on this corporate
account? I am running under the SYTSTEM account so I should have full
privileges?
Here is the code:
string slash = @"\";
int pos = winUserName.IndexOfAny(slash.ToCharArray());
string machineName = winUserName.Substring(0, pos);
string userName = winUserName.Substring(pos + 1, winUserName.Length -
pos - 1);
// Use WMI to get the SID of the user
string p = String.Format("ROOT\\CIMV2:Win32_UserAccount.Domain=
\"{0}\",Name=\"{1}\"", machineName, userName);
ManagementPath path = new ManagementPath(p);
System.Management.ManagementObject account = new
ManagementObject(path);
sid = account["SID"] as string;
account.Dispose();
Any ideas or suggestion will be greatly appreciated.
Thanks,
Victor Grippi