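/// <summary>
/// Builds an in-memory <see cref="GroupPrincipal"/> that stands in for the account identified by
/// <paramref name="sid"/>, naming it from a SID lookup performed against <paramref name="serverName"/>.
/// </summary>
/// <param name="sid">Binary SID to represent. This body does not validate it; the caller is presumably
/// expected to have classified it already (confirm against callers).</param>
/// <param name="ctx">Context passed to <c>GroupPrincipal.MakeGroup</c>.</param>
/// <param name="serverName">Server handed to <c>Utils.LookupSid</c> for name resolution.</param>
/// <param name="credentials">Credentials handed to <c>Utils.LookupSid</c>.</param>
/// <param name="authorityName">Not read by this body.</param>
/// <returns>A group principal flagged as fake and as already persisted, with display name, name,
/// SAM account name, SID and the security-group flag loaded.</returns>
internal static Principal ConstructFakePrincipalFromSID(byte[] sid, PrincipalContext ctx, string serverName, NetCred credentials, string authorityName)
{
    string name = null;
    string domainName = null;
    int accountUsage = 0;
    string displayName = "";

    // A zero return is treated as success. Any other value is ignored and the principal is
    // still built, with an empty display name and whatever LookupSid left in 'name'.
    int err = Utils.LookupSid(serverName, credentials, sid, out name, out domainName, out accountUsage);
    if (err == 0)
    {
        // DOMAIN\name when a domain came back, otherwise just the name.
        displayName = (string.IsNullOrEmpty(domainName) ? "" : domainName + "\\") + name;
    }

    GroupPrincipal groupPrincipal = GroupPrincipal.MakeGroup(ctx);
    groupPrincipal.fakePrincipal = true;
    groupPrincipal.unpersisted = false;

    // The three name properties come from the lookup and may be null or empty when it failed.
    // NOTE(review): code making access decisions on the returned principal should presumably
    // compare Principal.Sid, which is derived from the input bytes, not these names; confirm.
    groupPrincipal.LoadValueIntoProperty("Principal.DisplayName", displayName);
    groupPrincipal.LoadValueIntoProperty("Principal.Name", name);
    groupPrincipal.LoadValueIntoProperty("Principal.SamAccountName", name);

    SecurityIdentifier securityIdentifier = new SecurityIdentifier(Utils.ConvertSidToSDDL(sid));
    groupPrincipal.LoadValueIntoProperty("Principal.Sid", securityIdentifier);

    // Was "(bool)1", which is not a valid C# conversion; the intended value is the literal true.
    groupPrincipal.LoadValueIntoProperty("GroupPrincipal.IsSecurityGroup", true);

    return groupPrincipal;
}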
/// <summary>
/// Creates a stand-in <see cref="GroupPrincipal"/> for a SID that is classified as a fake object,
/// resolving a name for it through <c>Utils.LookupSid</c> on <paramref name="serverName"/>.
/// </summary>
/// <param name="sid">Binary SID to represent.</param>
/// <param name="ctx">Context passed to <c>GroupPrincipal.MakeGroup</c>.</param>
/// <param name="serverName">Server used for the SID lookup; also written to the debug trace.</param>
/// <param name="credentials">Credentials used for the SID lookup.</param>
/// <param name="authorityName">Only written to the debug trace.</param>
/// <returns>A group principal flagged as fake and as already persisted, carrying the looked-up
/// names (possibly empty or null if the lookup failed), the SID and the security-group flag.</returns>
static internal Principal ConstructFakePrincipalFromSID(
    byte[] sid,
    PrincipalContext ctx,
    string serverName,
    NetCred credentials,
    string authorityName)
{
    GlobalDebug.WriteLineIf(
        GlobalDebug.Info,
        "Utils",
        "ConstructFakePrincipalFromSID: Build principal for SID={0}, server={1}, authority={2}",
        Utils.ByteArrayToString(sid),
        serverName ?? "NULL",
        authorityName ?? "NULL");

    // Debug.Assert is compiled out of non-DEBUG builds, so this classification is a
    // development-time check only and is not enforced in release builds.
    Debug.Assert(ClassifySID(sid) == SidType.FakeObject);

    // Resolve a name for the SID. accountUsage is received but not checked.
    string accountName;
    string accountDomain;
    int accountUsage = 0;
    int lookupResult = Utils.LookupSid(serverName, credentials, sid, out accountName, out accountDomain, out accountUsage);

    string displayName;
    if (lookupResult != 0)
    {
        // A failed lookup is tolerated: the principal is still built, just without a display name.
        GlobalDebug.WriteLineIf(
            GlobalDebug.Warn,
            "Utils",
            "ConstructFakePrincipalFromSID: LookupSid failed (ignoring), serverName=" + serverName + ", err=" + lookupResult);
        displayName = "";
    }
    else
    {
        // NT4-style DOMAIN\name when a domain came back, otherwise just the name.
        string domainPrefix = String.IsNullOrEmpty(accountDomain) ? "" : accountDomain + "\\";
        displayName = domainPrefix + accountName;
    }

    // LookupAccountSid reports the NT AUTHORITY etc. SIDs as well-known groups,
    // so every fake object is represented as a group.
    GroupPrincipal fakeGroup = GroupPrincipal.MakeGroup(ctx);
    fakeGroup.fakePrincipal = true;
    fakeGroup.unpersisted = false;

    // Names come from the lookup above and may be null or empty when it failed.
    // NOTE(review): code making access decisions on the returned principal should presumably
    // compare the SID, which is derived from the input bytes, rather than these names; confirm.
    fakeGroup.LoadValueIntoProperty(PropertyNames.PrincipalDisplayName, displayName);
    fakeGroup.LoadValueIntoProperty(PropertyNames.PrincipalName, accountName);
    fakeGroup.LoadValueIntoProperty(PropertyNames.PrincipalSamAccountName, accountName);

    // The SID property is built from the caller's bytes via their SDDL string form.
    fakeGroup.LoadValueIntoProperty(
        PropertyNames.PrincipalSid,
        new SecurityIdentifier(Utils.ConvertSidToSDDL(sid)));

    fakeGroup.LoadValueIntoProperty(PropertyNames.GroupIsSecurityGroup, true);

    return fakeGroup;
}