Reference from original https://www.codeproject.com/articles/3688/how-to-get-user-sid-using-directoryservices-classe
And SecurityIdentifier in System.Security.Principal.Windows from https://github.com/dotnet/runtime/blob/6bc6560e51d1cf58b54561f7be44801864479b8d/src/libraries/System.Security.Principal.Windows/src/System/Security/Principal/SID.cs#L403-L478
| public static class LdapHelper | |
| { | |
| // https://www.codeproject.com/Articles/3688/How-to-get-user-SID-using-DirectoryServices-classe | |
| public static string ConvertByteToStringSid(byte[] sidBytes) | |
| { | |
| if (sidBytes == null || sidBytes.Length < 8 || | |
| sidBytes.Length > 68) // maximum 15 sub authorities | |
| return string.Empty; | |
| var span = new ReadOnlySpan<byte>(sidBytes); | |
| var strSid = new StringBuilder("S-"); | |
| // Add SID revision. | |
| strSid.Append(span[0]); | |
| // Get sub authority count... | |
| var subAuthoritiesLength = Convert.ToInt32(span[1]); | |
| if (sidBytes.Length != 8 + subAuthoritiesLength * 4) | |
| return string.Empty; | |
| long identifierAuthority = | |
| (((long)span[2]) << 40) + | |
| (((long)span[3]) << 32) + | |
| (((long)span[4]) << 24) + | |
| (((long)span[5]) << 16) + | |
| (((long)span[6]) << 8) + | |
| span[7]; | |
| strSid.Append('-'); | |
| strSid.Append(identifierAuthority); | |
| span = span[8..]; | |
| for (int i = 0; i < subAuthoritiesLength; i++, span = span[4..]) | |
| { | |
| strSid.Append('-'); | |
| strSid.Append(BitConverter.ToUInt32(span.Slice(0, 4))); | |
| } | |
| return strSid.ToString(); | |
| } | |
| } |
| public class LdapHelperTest | |
| { | |
| private static Func<byte[], string> GetConvertByteToStringSidService() => LdapHelper.ConvertByteToStringSid; | |
| [Fact] | |
| public void ConvertByteToStringSid_Builtin() | |
| { | |
| var service = GetConvertByteToStringSidService(); | |
| var sid = new byte[] { 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 39, 2, 0, 0 }; | |
| var result = service(sid); | |
| Assert.Equal("S-1-5-32-551", result); | |
| } | |
| [Fact] | |
| [SupportedOSPlatform("windows")] | |
| public void ConvertByteToStringSid_Builtin_Windows() | |
| { | |
| var sid = new byte[] { 1, 2, 0, 0, 0, 0, 0, 5, 32, 0, 0, 0, 39, 2, 0, 0 }; | |
| var s2 = new SecurityIdentifier(sid, 0); | |
| Assert.Equal("S-1-5-32-551", s2.ToString()); | |
| } | |
| [Fact] | |
| public void ConvertByteToStringSid_Malformed() | |
| { | |
| var service = GetConvertByteToStringSidService(); | |
| var sid1 = new byte[] { 1, 5, 0, 0, 0, 0, 0, 5, 21, 0, 0, 0, 222, 206, 60, 4, 227, 115, 59, 3, 168, 94, 83, 2, 1, 4, 0, 0, 1 }; | |
| var result1 = service(sid1); | |
| Assert.Equal("", result1); | |
| var sid2 = new byte[] { 1, 5, 0, 0, 0, 0, 0, 5, 21, 0, 0, 0, 222, 206, 60, 4, 227, 115, 59, 3, 168, 94, 83, 2, 1, 4, 0 }; | |
| var result2 = service(sid2); | |
| Assert.Equal("", result2); | |
| var sid3 = new byte[] { 1, 4, 0, 0, 0, 0, 0, 5, 21, 0, 0, 0, 222, 206, 60, 4, 227, 115, 59, 3, 168, 94, 83, 2, 1, 4, 0, 0 }; | |
| var result3 = service(sid3); | |
| Assert.Equal("", result3); | |
| } | |
| [Fact] | |
| public void ConvertByteToStringSid_Max() | |
| { | |
| var service = GetConvertByteToStringSidService(); | |
| var sid = new byte[] { 1, 1, 255, 254, 253, 252, 0, 0, 251, 250, 249, 248 }; | |
| var result = service(sid); | |
| Assert.Equal("S-1-281470647926784-4177132283", result); | |
| var sid2 = new byte[] { 1, 5, 136, 0, 44, 89, 0xFE, 5, 21, 0, 0, 0, 222, 206, 60, 4, 227, 115, 59, 3, 168, 94, 83, 2, 1, 4, 0, 0 }; | |
| var result2 = service(sid2); | |
| Assert.Equal("S-1-149534325472773-21-71093982-54227939-39018152-1025", result2); | |
| } | |
| [Fact] | |
| [SupportedOSPlatform("windows")] | |
| public void ConvertByteToStringSid_Max_Windows() | |
| { | |
| var sid = new byte[] { 1, 1, 255, 254, 253, 252, 0, 0, 251, 250, 249, 248 }; | |
| var s1 = new SecurityIdentifier(sid, 0); | |
| Assert.Equal("S-1-281470647926784-4177132283", s1.ToString()); | |
| var sid2 = new byte[] { 1, 5, 136, 0, 44, 89, 0xFE, 5, 21, 0, 0, 0, 222, 206, 60, 4, 227, 115, 59, 3, 168, 94, 83, 2, 1, 4, 0, 0 }; | |
| var s2 = new SecurityIdentifier(sid2, 0); | |
| Assert.Equal("S-1-149534325472773-21-71093982-54227939-39018152-1025", s2.ToString()); | |
| } | |
| [Fact] | |
| public void ConvertByteToStringSid_NullEmpty() | |
| { | |
| var service = GetConvertByteToStringSidService(); | |
| var sid1 = Array.Empty<byte>(); | |
| var result1 = service(sid1); | |
| Assert.Equal("", result1); | |
| var result2 = service(null); | |
| Assert.Equal("", result2); | |
| } | |
| [Fact] | |
| public void ConvertByteToStringSid_Success() | |
| { | |
| var service = GetConvertByteToStringSidService(); | |
| var sid = new byte[] { 1, 5, 0, 0, 0, 0, 0, 5, 21, 0, 0, 0, 222, 206, 60, 4, 227, 115, 59, 3, 168, 94, 83, 2, 1, 4, 0, 0 }; | |
| var result = service(sid); | |
| Assert.Equal("S-1-5-21-71093982-54227939-39018152-1025", result); | |
| } | |
| [Fact] | |
| [SupportedOSPlatform("windows")] | |
| public void ConvertByteToStringSid_Windows() | |
| { | |
| var sid = new byte[] { 1, 5, 0, 0, 0, 0, 0, 5, 21, 0, 0, 0, 222, 206, 60, 4, 227, 115, 59, 3, 168, 94, 83, 2, 1, 4, 0, 0 }; | |
| var s1 = new SecurityIdentifier(sid, 0); | |
| Assert.Equal("S-1-5-21-71093982-54227939-39018152-1025", s1.ToString()); | |
| } | |
| } |
Thanks!!!