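/// <summary>
/// Resolves the account name held in <c>_user</c> to a SID and returns that SID in string form.
/// </summary>
/// <remarks>
/// LookupAccountName is called twice: first with empty buffers to learn the required sizes,
/// then with buffers of those sizes.
/// NOTE(review): the system-name argument is null and <c>_user</c> is passed as-is. If it is not a
/// qualified name (DOMAIN\user), an unqualified name may presumably resolve to a local or a domain
/// account depending on lookup order. Confirm callers qualify the name when the SID feeds an access decision.
/// NOTE(review): the returned SidNameUse value is not inspected, so this method does not distinguish
/// a user from a group, alias or other principal type.
/// </remarks>
/// <returns>The string form of the SID produced by ConvertSidToStringSid.</returns>
/// <exception cref="Exception">
/// Thrown when LookupAccountName or ConvertSidToStringSid reports failure; the message carries the Win32 error code.
/// </exception>
private string EncodeSid()
{
    IntPtr pSid = IntPtr.Zero;
    IntPtr pStringSid = IntPtr.Zero;
    IntPtr pDomain = IntPtr.Zero;

    try
    {
        int sidLength = 0;
        int domainLength = 0;
        SecurityApi.SidNameUse use;

        // Sizing call: with zero-length buffers the expected failure is ERROR_INSUFFICIENT_BUFFER,
        // which leaves the required sizes in sidLength / domainLength. Any other error is fatal.
        if (!SecurityApi.LookupAccountName(null, _user, pSid, ref sidLength, pDomain, ref domainLength, out use))
        {
            int error = Marshal.GetLastWin32Error();
            if (error != (int)SecurityApi.Error.ERROR_INSUFFICIENT_BUFFER)
            {
                throw new Exception("LookupAccountName failed. Error = " + error.ToString());
            }
        }

        pSid = Marshal.AllocHGlobal(sidLength);
        // Domain length is in characters; the "W" (UTF-16) variant of the function needs 2 bytes per character.
        pDomain = Marshal.AllocHGlobal(domainLength * 2);

        if (!SecurityApi.LookupAccountName(null, _user, pSid, ref sidLength, pDomain, ref domainLength, out use))
        {
            throw new Exception("LookupAccountName failed. Error = " + Marshal.GetLastWin32Error().ToString());
        }

        if (!SecurityApi.ConvertSidToStringSid(pSid, out pStringSid))
        {
            throw new Exception("ConvertSidToStringSid failed. Error = " + Marshal.GetLastWin32Error().ToString());
        }

        return Marshal.PtrToStringUni(pStringSid);
    }
    finally
    {
        // pSid was obtained from Marshal.AllocHGlobal, so it is released with the matching
        // Marshal.FreeHGlobal rather than a raw LocalFree call.
        if (pSid != IntPtr.Zero)
        {
            Marshal.FreeHGlobal(pSid);
        }

        // pStringSid is allocated by ConvertSidToStringSid and is released with LocalFree.
        if (pStringSid != IntPtr.Zero)
        {
            SecurityApi.LocalFree(pStringSid);
        }

        if (pDomain != IntPtr.Zero)
        {
            Marshal.FreeHGlobal(pDomain);
        }
    }
}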
/// <summary>
/// Translates a string-form SID into a "DOMAIN\account" name.
/// </summary>
/// <param name="stringSid">SID in string form, passed to ConvertStringSidToSid.</param>
/// <param name="accountName">
/// On success, the domain and account joined by a backslash. When the method returns false this
/// still holds <paramref name="stringSid"/>, because it is assigned before any lookup is attempted.
/// </param>
/// <returns>
/// True when the SID was resolved; false when the lookup reports ERROR_NONE_MAPPED or
/// ERROR_TRUSTED_RELATIONSHIP_FAILURE.
/// </returns>
/// <exception cref="Exception">
/// Thrown when ConvertStringSidToSid fails, or when LookupAccountSid fails with any other error.
/// </exception>
/// <remarks>
/// NOTE(review): the SidNameUse result is not inspected, so the resolved name may belong to any
/// principal type. The name is best treated as display data; the SID is the stable identifier.
/// </remarks>
private static bool DecodeSid(string stringSid, out string accountName)
{
    IntPtr sidBuffer = IntPtr.Zero;
    IntPtr nameBuffer = IntPtr.Zero;
    IntPtr domainBuffer = IntPtr.Zero;

    try
    {
        // Default result: callers that get 'false' back receive the raw SID string.
        accountName = stringSid;

        bool converted = SecurityApi.ConvertStringSidToSid(stringSid, out sidBuffer);
        if (!converted)
        {
            throw new Exception("ConvertStringSidToSid failed. Error = " + Marshal.GetLastWin32Error().ToString());
        }

        int nameChars = 0;
        int domainChars = 0;
        SecurityApi.SidNameUse sidUse;

        // Sizing call with empty buffers; ERROR_INSUFFICIENT_BUFFER is the expected outcome.
        bool sized = SecurityApi.LookupAccountSid(null, sidBuffer, nameBuffer, ref nameChars, domainBuffer, ref domainChars, out sidUse);
        if (!sized)
        {
            int sizingError = Marshal.GetLastWin32Error();
            bool needsBuffer = sizingError == (int)SecurityApi.Error.ERROR_INSUFFICIENT_BUFFER;
            if (!needsBuffer)
            {
                bool unresolved = sizingError == (int)SecurityApi.Error.ERROR_NONE_MAPPED
                    || sizingError == (int)SecurityApi.Error.ERROR_TRUSTED_RELATIONSHIP_FAILURE;
                if (unresolved)
                {
                    return false;
                }

                throw new Exception("LookupAccountSid failed. Error = " + Marshal.GetLastWin32Error().ToString());
            }
        }

        // Lengths are character counts; the "W" (UTF-16) variant needs 2 bytes per character.
        nameBuffer = Marshal.AllocHGlobal(nameChars * 2);
        domainBuffer = Marshal.AllocHGlobal(domainChars * 2);

        bool resolved = SecurityApi.LookupAccountSid(null, sidBuffer, nameBuffer, ref nameChars, domainBuffer, ref domainChars, out sidUse);
        if (!resolved)
        {
            int lookupError = Marshal.GetLastWin32Error();
            if (lookupError == (int)SecurityApi.Error.ERROR_NONE_MAPPED)
            {
                return false;
            }

            if (lookupError == (int)SecurityApi.Error.ERROR_TRUSTED_RELATIONSHIP_FAILURE)
            {
                return false;
            }

            throw new Exception("LookupAccountSid failed. Error = " + lookupError.ToString());
        }

        string domainPart = Marshal.PtrToStringUni(domainBuffer);
        string accountPart = Marshal.PtrToStringUni(nameBuffer);
        accountName = domainPart + "\\" + accountPart;
        return true;
    }
    finally
    {
        // The SID buffer is allocated by ConvertStringSidToSid and is released with LocalFree;
        // the two name buffers come from AllocHGlobal and go back through FreeHGlobal.
        if (sidBuffer != IntPtr.Zero)
        {
            SecurityApi.LocalFree(sidBuffer);
        }

        if (nameBuffer != IntPtr.Zero)
        {
            Marshal.FreeHGlobal(nameBuffer);
        }

        if (domainBuffer != IntPtr.Zero)
        {
            Marshal.FreeHGlobal(domainBuffer);
        }
    }
}