Given a user's SID, how can I get the AD DirectoryEntry?

directoryentry sid
mtm picture mtm · Aug 17, 2011 · Viewed 14k times · Source

I have the user's SID as byte[] within windowsPrincipal.getIdentity().getSid(). How can I get an Active Directory entry (DirectoryEntry) from the SID?

Answer

Mathew Leger picture Mathew Leger · Feb 24, 2014

Use the SecurityIdentifier class to convert the sid from byte[] format to string and then bind directly to the object:

DirectoryEntry OpenEntry(byte[] sidAsBytes)
{
    var sid = new SecurityIdentifier(sidAsBytes, 0);

    return new DirectoryEntry(string.Format("LDAP://<SID={0}>", sid.ToString()));
}

Related questions

How I can find a User with the GUID(objectGUID) Parameter in Active Directory

In my ASP.NET Application I get Informations from Active Directory. I must get Informations about a User with the GUID Informations (example: a28a6a34dsfdsf57d9e54f945a241) but I don't know how I can use the …

Read More
How to get a list of all domains?

I'm trying to get all domains that are available in the Windows Login dialog (in the Domain dropdown). I've tried the following code but it only returns the domain I am logged into. Am I missing something? StringCollection domainList = new …

Read More
How to provide DirectoryEntry.Exists with credentials?

This morning I discovered a nice method (DirectoryEntry.Exists), that should be able to check whether an Active Directory object exists on the server. So I tried with a simple: if (DirectoryEntry.Exists(path)) {} Of course it lacks any overloads …

Read More