private string EncodeSid()
{
IntPtr pSid = IntPtr.Zero;
IntPtr pStringSid = IntPtr.Zero;
IntPtr pDomain = IntPtr.Zero;
try
{
int sidLength = 0;
int domainLength = 0;
SecurityApi.SidNameUse use;
if (!SecurityApi.LookupAccountName(null, _user, pSid, ref sidLength, pDomain, ref domainLength, out use))
{
int error = Marshal.GetLastWin32Error();
if (error != (int)SecurityApi.Error.ERROR_INSUFFICIENT_BUFFER)
{
throw new Exception("LookupAccountName failed. Error = " + Marshal.GetLastWin32Error().ToString());
}
}
pSid = Marshal.AllocHGlobal(sidLength);
pDomain = Marshal.AllocHGlobal(domainLength * 2); // 2-byte unicode...we're using the "W" variety of the funcion
if (!SecurityApi.LookupAccountName(null, _user, pSid, ref sidLength, pDomain, ref domainLength, out use))
{
throw new Exception("LookupAccountName failed. Error = " + Marshal.GetLastWin32Error().ToString());
}
if (!SecurityApi.ConvertSidToStringSid(pSid, out pStringSid))
{
throw new Exception("ConvertSidToStringSid failed. Error = " + Marshal.GetLastWin32Error().ToString());
}
return(Marshal.PtrToStringUni(pStringSid));
}
finally
{
if (pSid != IntPtr.Zero)
{
SecurityApi.LocalFree(pSid);
}
if (pStringSid != IntPtr.Zero)
{
SecurityApi.LocalFree(pStringSid);
}
if (pDomain != IntPtr.Zero)
{
Marshal.FreeHGlobal(pDomain);
}
}
}
private static bool DecodeSid(string stringSid, out string accountName)
{
IntPtr pSid = IntPtr.Zero;
IntPtr pAccount = IntPtr.Zero;
IntPtr pDomain = IntPtr.Zero;
try
{
accountName = stringSid;
if (!SecurityApi.ConvertStringSidToSid(stringSid, out pSid))
{
throw new Exception("ConvertStringSidToSid failed. Error = " + Marshal.GetLastWin32Error().ToString());
}
int accountLength = 0;
int domainLength = 0;
SecurityApi.SidNameUse use;
if (!SecurityApi.LookupAccountSid(null, pSid, pAccount, ref accountLength, pDomain, ref domainLength, out use))
{
int error = Marshal.GetLastWin32Error();
if (error != (int)SecurityApi.Error.ERROR_INSUFFICIENT_BUFFER)
{
if ((error == (int)SecurityApi.Error.ERROR_NONE_MAPPED) || (error == (int)SecurityApi.Error.ERROR_TRUSTED_RELATIONSHIP_FAILURE))
{
return(false);
}
else
{
throw new Exception("LookupAccountSid failed. Error = " + Marshal.GetLastWin32Error().ToString());
}
}
}
pAccount = Marshal.AllocHGlobal(accountLength * 2); // 2-byte unicode...we're using the "W" variety of the funcion
pDomain = Marshal.AllocHGlobal(domainLength * 2); // 2-byte unicode...we're using the "W" variety of the funcion
if (!SecurityApi.LookupAccountSid(null, pSid, pAccount, ref accountLength, pDomain, ref domainLength, out use))
{
int error = Marshal.GetLastWin32Error();
if ((error == (int)SecurityApi.Error.ERROR_NONE_MAPPED) || (error == (int)SecurityApi.Error.ERROR_TRUSTED_RELATIONSHIP_FAILURE))
{
return(false);
}
else
{
throw new Exception("LookupAccountSid failed. Error = " + error.ToString());
}
}
accountName = Marshal.PtrToStringUni(pDomain) + "\\" + Marshal.PtrToStringUni(pAccount);
return(true);
}
finally
{
if (pSid != IntPtr.Zero)
{
SecurityApi.LocalFree(pSid);
}
if (pAccount != IntPtr.Zero)
{
Marshal.FreeHGlobal(pAccount);
}
if (pDomain != IntPtr.Zero)
{
Marshal.FreeHGlobal(pDomain);
}
}
}