Reputation: 87
Sid of local group in machine
I try to find sid of the administrator group for example.
According to Microsoft the sid of that group is: S-1-5-21-machine-500
when the machine is identifier represents the three sub-authority values associated with a specific machine.
You can see it in the follow link:
https://msdn.microsoft.com/en-us/library/cc980032.aspx
I don't understand what the meaning of the <machine> and how I can get it using in c#.
Anybody know what is it or how I can get it?
Upvotes: 0
Views: 1652
Answers (1)
Reputation: 35663
Everything up to the 500 identifies the issuer of the SID, in this case the machine.
S-1-5 means "NT AUTHORITY", i.e. this SID is issued by is a Windows NT system. (The reason for this distinction is that SIDs are a subset of OIDs, an OSI standard for generating unique IDs, part of the DCE project and also used in LDAP).
S-1-5-21-X-X-X means "Issued by a domain", where X-X-X is a unique random number generated when the domain was created, or when the machine was installed. This is also known as the "machine SID" or "domain SID" if it is for the domain. Specifically, the 21 identifies that the next three groups identify a domain, which will in turn issue more SIDs.
S-1-5-21-X-X-X-500 is the administrator account of the machine identified by S-1-5-21-X-X-X
The 500 is the RID or Relative ID. That's equivalent to the GID on Linux. 500 is the first local account or group to be created because RIDs are allocated beginning with 500. The next local account or group would get RID 501, and so on. 500 is generally the account Administrator, not a group though.
If you want to find information about security groups from C#, you should use the ADSI API, accessible from the System.DirectoryServices namespace. For local groups you need to use WinNT://MACHINENAME/ as your initial path.
- https://msdn.microsoft.com/en-us/library/system.directoryservices.directoryentry.path(v=vs.110).aspx
Note that users are not listed as members of their primary group (usually Users). You have to look at the User's PrimaryGroup property for that.
Upvotes: 1
Related Questions
- How to get the SID of the current machine?
- How can I get the SID of the current Windows account?
- Get group name from SID
- how to get domain user SID which is part of local system group
- How can I retrieve the local Machine SID using C#?
- Get name of LocalGroup Windows C++ using SID
- How do I specify the account SID when creating a local group account?
- Get local Windows user name from a SID with C++
- Getting SID of users
- I have a SID of a user account, and I want the SIDs of the groups it belongs to