Mega Code Archive

 

Categories / Delphi / Algorithm Math

 

Converting a SID to a string

Title: Converting a SID to a string Question: I've seen quite a few people ask how to convert a Security Identifier (SID) into a human-readable string. Since I was not able to find much help on the subject on newsgroups/etc., I decided to post some example code.. Answer: Here are some wrappers and helper functions to make your life easier: ... const SID_REVISION = 1; FILENAME_ADVAPI32 = 'ADVAPI32.DLL'; PROC_CONVERTSIDTOSTRINGSIDA = 'ConvertSidToStringSidA'; type TConvertSidToStringSidA = function (Sid: PSID; var StringSid: LPSTR): BOOL; stdcall; function WinGetSidStr (Sid : PSid) : string; var SidToStr : TConvertSidToStringSidA; h : LongWord; Buf : array [0..MAX_PATH - 1] of char; p : PAnsiChar; begin h := LoadLibrary (FILENAME_ADVAPI32); if h 0 then try @SidToStr := GetProcAddress (h, PROC_CONVERTSIDTOSTRINGSIDA); if @SidToStr nil then begin FillChar (Buf, SizeOf(Buf), 0); if SidToStr (Sid, p) then Result := '[' + string(p) + ']'; LocalFree (LongWord(p)); end; finally FreeLibrary (h); end; end; function GetSidStr (Sid : PSid) : string; var Psia : PSIDIdentifierAuthority; SubAuthCount : LongWord; i : LongWord; begin if IsValidSid (Sid) then begin // // Win 2000+ contains ConvertSidToStringSidA() in advapi32.dll so we just // use it if we can // if (Win32Platform = VER_PLATFORM_WIN32_NT) and (Win32MajorVersion = 5) then Result := WinGetSidStr (Sid) else begin Psia := GetSidIdentifierAuthority (Sid); SubAuthCount := GetSidSubAuthorityCount (Sid)^; Result := Format('[S-%u-', [SID_REVISION]); if ((Psia.Value[0] 0) or (Psia.Value[1] 0)) then Result := Result + Format ('%.2x%.2x%.2x%.2x%.2x%.2x', [Psia.Value[0], Psia.Value[1], Psia.Value[2], Psia.Value[3], Psia.Value[4], Psia.Value[5]]) else Result := Result + Format ('%u', [LongWord(Psia.Value[5]) + LongWord(Psia.Value[4] shl 8) + LongWord(Psia.Value[3] shl 16) + LongWord(Psia.Value[2] shl 24)]); for i := 0 to SubAuthCount - 1 do Result := Result + Format ('-%u', [GetSidSubAuthority(Sid, i)^]); Result := Result + ']'; end; end; end; function GetLocalUserSidStr (const UserName : string) : string; var RefDomain : array [0..MAX_PATH - 1] of char; // enough RefDomainSize : LongWord; Snu : SID_NAME_USE; Sid : PSid; SidSize : LongWord; begin SidSize := 0; RefDomainSize := SizeOf(RefDomain); Sid := nil; FillChar (RefDomain, SizeOf(RefDomain), 0); LookupAccountName (nil, PChar(UserName), Sid, SidSize, RefDomain, RefDomainSize, Snu); Sid := AllocMem (SidSize); try RefDomainSize := SizeOf(RefDomain); if LookupAccountName (nil, PChar(UserName), Sid, SidSize, RefDomain, RefDomainSize, Snu) then Result := GetSidStr (Sid); finally FreeMem (Sid, SidSize); end; end; ... To get a local users SID string simply call GetLocalUserSidStr('SomeUserName');