Date:        1/9/98 8:09:48 PM
From:        Tim Newsham <newsham@lava.net>
Subject:     Re: [NTSEC] SID info
To:          ("<Alex.White@dhcmail.com>"@LOCAL)
CC:          ("<ntsecurity@iss.net>"@LOCAL)

TO UNSUBSCRIBE: email "unsubscribe ntsecurity" to majordomo@iss.net
Contact ntsecurity-owner@iss.net for help with any problems!
---------------------------------------------------------------------------

> Is there any easy way to convert a SID to a username and/or vice versa?

The function LookupAccountSid will return a domain/username pair given
a SID and the function LookupAccountName will go in the opposite direction.
I include two example programs that use these functions below.  I compile
them with cygwin32,  you may have to include different headers to compile
it in another devel environment.

> Thanks in advance,
> alex

                                           Tim N.

--- lookupname.c ---
#include <windows.h>

int
main(int argc, char **argv)
{
    char buf[256], dom[256], *host, *name;
    SID_NAME_USE use;
    SID *sp;
    int i, domlen, sidlen;

    host = 0;
    name = "Administrator";
    if(argc >= 3 && strcmp(argv[1], "-h") == 0) {
        host = argv[2];
        argc -= 2;
        argv += 2;
        printf("host %s\n", host);
    }
    if(argc >= 2) {
        name = argv[1];
    }
    printf("name %s\n", name);

    sp = (SID *)buf;
    sidlen = sizeof buf;
    domlen = sizeof dom;
    if(!LookupAccountName(host, name, sp, &sidlen, dom, &domlen, &use)) {
        printf("lookup failed: %d\n", GetLastError());
        return 0;
    }
    printf("domain %s\n", dom);
    printf("revision %d, count %d\n", sp->Revision, sp->SubAuthorityCount);
    for(i = 0; i < 6; i++)
        printf("%x.", sp->IdentifierAuthority.Value[i]);
    printf("\n");
    for(i = 0; i < sp->SubAuthorityCount; i++)
        printf("%x.", sp->SubAuthority[i]);
    printf("\n");
    return 0;
}


--- lookupsid.c ---
#include <windows.h>

void
buildsid(SID *sp, int id)
{
    memset(sp, 0, sizeof *sp);
    sp->Revision = 1;
    sp->SubAuthorityCount = 5;
    sp->IdentifierAuthority.Value[5] = 5;
    sp->SubAuthority[0] = 0x15;
    sp->SubAuthority[1] = 0x6b680665;
    sp->SubAuthority[2] = 0x55071656;
    sp->SubAuthority[3] = 0x757c16d1;
    sp->SubAuthority[4] = id;
    return ;
}

int
main(int argc, char **argv)
{
    char buf[256], name[256], dom[256], *host;
    SID_NAME_USE use;
    SID *sp;
    int i, domlen, namelen, id;

    host = 0;
    id = 0x1f4;
    if(argc >= 3 && strcmp(argv[1], "-h") == 0) {
        host = argv[2];
        argc -= 2;
        argv += 2;
        printf("host %s\n", host);
    }
    if(argc >= 2) {
        if(strncmp(argv[1], "0x", 2) == 0)
            sscanf(argv[1], "%x", &id);
        else
            sscanf(argv[1], "%d", &id);
    }
    printf("id 0x%x\n", id);

    sp = (SID *)buf;
    buildsid(sp, id);
    domlen = sizeof dom;
    namelen = sizeof name;
    
    if(!LookupAccountSid(host, sp, name, &namelen, dom, &domlen, &use)) {
        printf("lookup failed: %d\n", GetLastError());
        return 0;
    }
    printf("name %s\n", name);
    printf("domain %s\n", dom);
}