CODEWITHSUNDEEP
c#servicewindows-identityuserprincipal
GarudaLead
GarudaLead

Reputation: 479

Getting User Sid

I'm writing a service and I am trying to get the logged in User's sid and for whatever reason it is not working. It only returns {S-1-5-18}. Yet if I create a quick console application, it works just fine.

I've tried 2 methods:

WindowsIdentity usr = WindowsIdentity.GetCurrent();
return usr.User

as well as:

UserPrincipal.Current.Sid

They both have the same affect in my service. They both only return {S-1-5-18}. Yet in a console app, they both return the full user sid.

What could be causing this?

Upvotes: 0

Views: 1831

Answers (2)

user57508
user57508

Reputation:

I suppose you are running your service-process as NT AUTHORITY\SYSTEM or .\LOCALSYSTEM. Please see KB 243330 for more detail:

SID: S-1-5-18
Name: Local System
Description: A service account that is used by the operating system.

If you want to get the SID from the desktop-session, you could eg go for (by utilizing cassia - nuget-package available) :

    ITerminalServicesSession GetActiveSession()
    {
        var terminalServicesSession = default(ITerminalServicesSession);
        var terminalServicesManager = new TerminalServicesManager();
        using (var server = terminalServicesManager.GetLocalServer())
        {
            foreach (var session in server.GetSessions())
            {
                if (session.ConnectionState == ConnectionState.Active)
                {
                    // yep, I know ... LINQ ... but this is from a plain .NET 2.0 source ...
                    terminalServicesSession = session;
                    break;
                }
            }
        }
        return terminalServicesSession;
    }

The ITerminalServiceSession-instance does contain the property SessionId which should work as needed. But please, be aware that there are caveats associated with state of the session - I do not guarantee that my condition suffices, you may need to adapt the condition on ConnectionState as needed.

Upvotes: 4

Richard
Richard

Reputation: 108975

Those APIs will return the SID of the user executing the current process, in your case your service. S-1-5-18 is NT AUTHORITY\SYSTEM.

There can be anything from zero to many users logged on to a Windows system (for interactive use: either locally or remotely): there is no singular "logged on user".

You need to refine your requirements: why do you want to know the logged on user?

Upvotes: 0

Related Questions