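        /// <summary>
        /// Resolves the containers an account lives in: every OU on the path from the object's
        /// distinguishedName up to the domain root, followed by the domain DN itself.
        /// </summary>
        /// <param name="sAMAccountName">sAMAccountName of the user or computer to look up.</param>
        /// <returns>
        /// The OU DNs (innermost first) and then the domain DN, or null when the account is not
        /// found or its DN cannot be parsed.
        /// </returns>
        public List <string> CollectMyOUs(string sAMAccountName)
        {
            _logger.Debug($"Collecting OUs for {sAMAccountName}");

            List <string> ouList = new List <string>();

            // Upper-case once so the "CN=<name>," match against the upper-cased DN below works.
            // Invariant casing avoids culture surprises (e.g. Turkish dotless i); sAMAccountName
            // matching in LDAP is case-insensitive anyway.
            sAMAccountName = sAMAccountName.ToUpperInvariant();

            // The name is embedded in an LDAP search filter, so escape the RFC 4515 metacharacters
            // (backslash first, then '*', '(', ')' and NUL). Without this a name containing '*' or
            // ')' becomes a wildcard or a malformed filter (LDAP filter injection).
            string filterValue = sAMAccountName
                                 .Replace("\\", "\\5c")
                                 .Replace("*", "\\2a")
                                 .Replace("(", "\\28")
                                 .Replace(")", "\\29")
                                 .Replace("\0", "\\00");

            var result = Searcher.GetSingleAttributeValue(Searcher.LdapInfo.RootDN, $"(samaccountname={filterValue})", "distinguishedname");

            if (result == null)
            {
                return(null);
            }
            string myDN = (string)result;

            try
            {
                myDN = myDN.ToUpperInvariant();

                // Walk the DN outward while an OU component remains. On each pass either the leaf
                // "CN=<sAMAccountName>," is stripped (only when the RDN value happens to equal the
                // account name) or the text is cut to the next ",OU", and the remainder is recorded
                // as an enclosing container. Ordinal IndexOf: the culture-sensitive overload can
                // mis-handle ignorable characters in a DN.
                // NOTE(review): this is plain substring matching on an upper-cased DN; an RDN value
                // containing an escaped ",OU" (RFC 4514 "\,") would be split incorrectly — confirm
                // whether such names occur in the target forest.
                string leaf = "CN=" + sAMAccountName + ",";
                while (myDN.Contains(",OU"))
                {
                    if (myDN.Contains(leaf))
                    {
                        myDN = myDN.Replace(leaf, string.Empty);
                    }
                    else
                    {
                        myDN = myDN.Substring(myDN.IndexOf(",OU", StringComparison.Ordinal) + 1);
                    }
                    ouList.Add(myDN);
                }

                // Finally the domain DN: everything from the first ",DC=" onward. With no ",DC="
                // present IndexOf yields -1 and the whole remaining string is kept.
                myDN = myDN.Substring(myDN.IndexOf(",DC=", StringComparison.Ordinal) + 1);
                ouList.Add(myDN);
                //if (sAMAccountName.Contains("$"))
                //{
                //    //add Site DN
                //    string site = CollectMySite(sAMAccountName);
                //    if (site != null)
                //    {
                //        string siteDn = "CN=" + site + ",CN=Sites,CN=Configuration," + Searcher.LdapInfo.ForestDN;
                //        ouList.Add(siteDn);
                //    }
                //}
                return(ouList);
            }
            catch (Exception e)
            {
                // Best-effort: a DN we cannot parse is logged and reported as "no result" rather
                // than aborting the whole collection.
                _logger.Warn(e.Message);
                return(null);
            }
        }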
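        /// <summary>
        /// Converts between a SID string and an account name (SID &lt;=&gt; Name): input that looks
        /// like a SID ("S-1-...") is resolved to a name via ConvertSIDToName; anything else is
        /// treated as an object name and resolved to its objectSid through LDAP.
        /// </summary>
        /// <param name="name">A SID string or an object name.</param>
        /// <returns>
        /// The resolved name or SID string; when the name-to-SID lookup fails the input is returned
        /// unchanged.
        /// </returns>
        public static string SIDNameSID(string name)
        {
            // Nothing to resolve. (The former Regex threw on null and searched "(name=)" for "".)
            if (string.IsNullOrEmpty(name))
            {
                return(name);
            }

            // Same test as the former Regex "^S-1-.*": a SID-looking prefix, compared ordinally.
            if (name.StartsWith("S-1-", StringComparison.Ordinal))
            {
                return(ConvertSIDToName(name));
            }

            // The caller-supplied name goes into an LDAP filter: escape the RFC 4515 metacharacters
            // (backslash first) so a value such as "*" or "a)(b" cannot widen or break the query.
            string filterValue = name
                                 .Replace("\\", "\\5c")
                                 .Replace("*", "\\2a")
                                 .Replace("(", "\\28")
                                 .Replace(")", "\\29")
                                 .Replace("\0", "\\00");

            // `as` instead of a hard cast: a missing object (null) or a non-binary attribute falls
            // back to the input instead of relying on the SecurityIdentifier ctor to throw.
            var objectSid = Searcher.GetSingleAttributeValue(Searcher.LdapInfo.RootDN, $"(name={filterValue})", "objectsid") as byte[];
            if (objectSid == null)
            {
                return(name);
            }

            try
            {
                return(new SecurityIdentifier(objectSid, 0).ToString());
            }
            catch (ArgumentException)
            {
                // Malformed objectSid bytes (the ctor throws ArgumentException-derived types);
                // keep the best-effort contract of returning the input.
                return(name);
            }
        }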
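        /// <summary>
        /// Maps a SID string to an account name. Well-known SIDs are resolved from the built-in
        /// table (after https://support.microsoft.com/en-us/kb/243330); anything else is translated
        /// locally via the Windows LSA and, if that fails, looked up by objectSid in the directory.
        /// Non-table results are cached in SIDNameMapping.
        /// </summary>
        /// <param name="sid">SID in "S-1-..." string form.</param>
        /// <returns>The resolved name, or the SID itself when nothing could resolve it.</returns>
        public static string ConvertSIDToName(string sid)
        {
            // Single lookup instead of ContainsKey + indexer.
            string cached;
            if (SIDNameMapping.TryGetValue(sid, out cached))
            {
                return(cached);
            }

            switch (sid)
            {
            case "S-1-0":      return("Null Authority");
            case "S-1-0-0":    return("Nobody");
            case "S-1-1":      return("World Authority");
            case "S-1-1-0":    return("Everyone");
            case "S-1-2":      return("Local Authority");
            case "S-1-2-0":    return("Local");
            case "S-1-2-1":    return("Console Logon");
            case "S-1-3":      return("Creator Authority");
            case "S-1-3-0":    return("Creator Owner");
            case "S-1-3-1":    return("Creator Group");
            case "S-1-3-2":    return("Creator Owner Server");
            case "S-1-3-3":    return("Creator Group Server");
            case "S-1-3-4":    return("Owner Rights");
            case "S-1-4":      return("Non-unique Authority");
            case "S-1-5":      return("NT Authority");
            case "S-1-5-1":    return("Dialup");
            case "S-1-5-2":    return("Network");
            case "S-1-5-3":    return("Batch");
            case "S-1-5-4":    return("Interactive");
            case "S-1-5-6":    return("Service");
            case "S-1-5-7":    return("Anonymous");
            case "S-1-5-8":    return("Proxy");
            case "S-1-5-9":    return("Enterprise Domain Controllers");
            case "S-1-5-10":   return("Principal Self");
            case "S-1-5-11":   return("Authenticated Users");
            case "S-1-5-12":   return("Restricted Code");
            case "S-1-5-13":   return("Terminal Server Users");
            case "S-1-5-14":   return("Remote Interactive Logon");
            case "S-1-5-15":   return("This Organization");
            // KB 243330 lists S-1-5-17 (the default IIS user) as "This Organization" as well;
            // newer Microsoft documentation calls it "IUSR". Kept as the referenced table has it.
            case "S-1-5-17":   return("This Organization");
            case "S-1-5-18":   return("Local System");
            case "S-1-5-19":   return("Local Service");
            case "S-1-5-20":   return("Network Service");
            case "S-1-5-80-0": return("All Services");

            case "S-1-5-32-544": return("BUILTIN\\Administrators");
            case "S-1-5-32-545": return("BUILTIN\\Users");
            case "S-1-5-32-546": return("BUILTIN\\Guests");
            case "S-1-5-32-547": return("BUILTIN\\Power Users");
            case "S-1-5-32-548": return("BUILTIN\\Account Operators");
            case "S-1-5-32-549": return("BUILTIN\\Server Operators");
            case "S-1-5-32-550": return("BUILTIN\\Print Operators");
            case "S-1-5-32-551": return("BUILTIN\\Backup Operators");
            case "S-1-5-32-552": return("BUILTIN\\Replicators");
            case "S-1-5-32-554": return("BUILTIN\\Pre-Windows 2000 Compatible Access");
            case "S-1-5-32-555": return("BUILTIN\\Remote Desktop Users");
            case "S-1-5-32-556": return("BUILTIN\\Network Configuration Operators");
            case "S-1-5-32-557": return("BUILTIN\\Incoming Forest Trust Builders");
            case "S-1-5-32-558": return("BUILTIN\\Performance Monitor Users");
            case "S-1-5-32-559": return("BUILTIN\\Performance Log Users");
            case "S-1-5-32-560": return("BUILTIN\\Windows Authorization Access Group");
            case "S-1-5-32-561": return("BUILTIN\\Terminal Server License Servers");
            case "S-1-5-32-562": return("BUILTIN\\Distributed COM Users");
            case "S-1-5-32-569": return("BUILTIN\\Cryptographic Operators");
            case "S-1-5-32-573": return("BUILTIN\\Event Log Readers");
            case "S-1-5-32-574": return("BUILTIN\\Certificate Service DCOM Access");
            case "S-1-5-32-575": return("BUILTIN\\RDS Remote Access Servers");
            case "S-1-5-32-576": return("BUILTIN\\RDS Endpoint Servers");
            case "S-1-5-32-577": return("BUILTIN\\RDS Management Servers");
            case "S-1-5-32-578": return("BUILTIN\\Hyper-V Administrators");
            case "S-1-5-32-579": return("BUILTIN\\Access Control Assistance Operators");
            // 580 is Remote Management Users (grants WinRM/PowerShell remoting access), not a
            // second copy of 579 — mislabelling it hides a remote-access group in the output.
            case "S-1-5-32-580": return("BUILTIN\\Remote Management Users");

            default:
                string name;
                try
                {
                    // Let the local LSA translate first.
                    //https://stackoverflow.com/questions/499053/how-can-i-convert-from-a-sid-to-an-account-name-in-c-sharp
                    name = new SecurityIdentifier(sid).Translate(typeof(NTAccount)).ToString();
                }
                catch (Exception)
                {
                    // We land here both for SIDs the LSA cannot map and for strings that are not
                    // valid SIDs at all (the SecurityIdentifier ctor threw), so `sid` must be
                    // escaped before it is embedded in the LDAP filter (RFC 4515). A well-formed
                    // SID contains only "S", digits and '-' and is unaffected.
                    string filterValue = sid
                                         .Replace("\\", "\\5c")
                                         .Replace("*", "\\2a")
                                         .Replace("(", "\\28")
                                         .Replace(")", "\\29")
                                         .Replace("\0", "\\00");

                    // NOTE(review): if LdapInfo.DomainSID is a string, DomainSID.Contains(sid) is
                    // only true when sid equals (or is a substring of) the domain SID, so ordinary
                    // domain principals ("<DomainSID>-<RID>") fall through to the forest DN.
                    // sid.StartsWith(DomainSID) looks like the intent — confirm the field's type
                    // and the desired search base before changing it.
                    string dn = Searcher.LdapInfo.DomainSID.Contains(sid) ? Searcher.LdapInfo.RootDN : Searcher.LdapInfo.ForestDN;
                    name = (string)Searcher.GetSingleAttributeValue(dn, $"(objectSid={filterValue})", "name");
                    if (name == null)
                    {
                        name = sid;
                    }
                }

                // Indexer assignment is idempotent, so a concurrent resolver that won the race does
                // not trigger the duplicate-key ArgumentException the old ContainsKey+Add guarded
                // against. NOTE(review): if SIDNameMapping is a plain Dictionary this is still not
                // safe under concurrent writers; a ConcurrentDictionary or a lock is needed for that.
                SIDNameMapping[sid] = name;

                return(name);
            }
        }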