471,318 Members | 3,212 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,318 software developers and data experts.

Create SID?

Hi!

To create a new Windows account I use this code:

const int UF_PASSWD_CANT_CHANGE = 0x0040;
const int UF_DONT_EXPIRE_PASSWD = 0x10000;
DirectoryEntry obDirEntry = new DirectoryEntry("WinNT://" + domain);
DirectoryEntries entries = obDirEntry.Children;
DirectoryEntry obUser = entries.Add(username, "User");
obUser.Properties["FullName"].Add(name);
obUser.Properties["UserFlags"].Add(UF_PASSWD_CANT_CHANGE |
UF_DONT_EXPIRE_PASSWD);
if(homedir.Length>0)
obUser.Properties["HomeDirectory"].Add(homedir);
object obRet = obUser.Invoke("SetPassword", password);
obUser.CommitChanges();

My question is, is it possible to create a new windows account with a
certain SID?
In the case I wan't to replicate a user on another server.

Regards
Anders Aleborg
Aleborg Solutions
Jan 19 '06 #1
4 6005
Anders,

I would think that if you create the user on the domain, then the user
will be recognized across the domain.

Also, having the same SID for a user in two different domains doesn't
get you anything.

Hope this helps.

--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

<an****@aleborg.se> wrote in message
news:1A**********************************@microsof t.com...
Hi!

To create a new Windows account I use this code:

const int UF_PASSWD_CANT_CHANGE = 0x0040;
const int UF_DONT_EXPIRE_PASSWD = 0x10000;
DirectoryEntry obDirEntry = new DirectoryEntry("WinNT://" + domain);
DirectoryEntries entries = obDirEntry.Children;
DirectoryEntry obUser = entries.Add(username, "User");
obUser.Properties["FullName"].Add(name);
obUser.Properties["UserFlags"].Add(UF_PASSWD_CANT_CHANGE |
UF_DONT_EXPIRE_PASSWD);
if(homedir.Length>0)
obUser.Properties["HomeDirectory"].Add(homedir);
object obRet = obUser.Invoke("SetPassword", password);
obUser.CommitChanges();

My question is, is it possible to create a new windows account with a
certain SID?
In the case I wan't to replicate a user on another server.

Regards
Anders Aleborg
Aleborg Solutions

Jan 19 '06 #2

<an****@aleborg.se> wrote in message
news:1A**********************************@microsof t.com...
| Hi!
|
| To create a new Windows account I use this code:
|
| const int UF_PASSWD_CANT_CHANGE = 0x0040;
| const int UF_DONT_EXPIRE_PASSWD = 0x10000;
| DirectoryEntry obDirEntry = new DirectoryEntry("WinNT://" + domain);
| DirectoryEntries entries = obDirEntry.Children;
| DirectoryEntry obUser = entries.Add(username, "User");
| obUser.Properties["FullName"].Add(name);
| obUser.Properties["UserFlags"].Add(UF_PASSWD_CANT_CHANGE |
| UF_DONT_EXPIRE_PASSWD);
| if(homedir.Length>0)
| obUser.Properties["HomeDirectory"].Add(homedir);
| object obRet = obUser.Invoke("SetPassword", password);
| obUser.CommitChanges();
|
| My question is, is it possible to create a new windows account with a
| certain SID?
| In the case I wan't to replicate a user on another server.
|
| Regards
| Anders Aleborg
| Aleborg Solutions

Not sure what you are trying to achieve, but if you need to clone user
accounts, you first have to clone the machine SID.

Willy.
Jan 19 '06 #3
Hi!

This is how I am thinking, the accounts I'm creating is for anonymous access
to websites and ftp accounts, these type of accounts I try to exclude from
the domain and create them on each server instead, one of the reasons is that
it's so many accounts(we're talking thousands of accounts).
The reason I wan't to recreate the account along with the SID is IF we for
some reason wan't to move all users to another server, we can just take the
harddrive with the files for the website and move it, recreate all users and
all permissions on files and folders will continue to work. Permissions are
tied to SID, not to the accounts name.

The other way to do this is to save all permissions in a database (we save
username and passwords for all accounts in a database already, that's why we
easy can restore the users), the problem is that this way of doing it is time
consuming, we need to loop all users that has permissions on a file and if it
matches the current username save it to a DB or XML file (we havn't found out
a way to get the permissions without looping).
Regards
Anders Aleborg
Aleborg Solutions
"Nicholas Paldino [.NET/C# MVP]" wrote:
Anders,

I would think that if you create the user on the domain, then the user
will be recognized across the domain.

Also, having the same SID for a user in two different domains doesn't
get you anything.

Hope this helps.

--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

<an****@aleborg.se> wrote in message
news:1A**********************************@microsof t.com...
Hi!

To create a new Windows account I use this code:

const int UF_PASSWD_CANT_CHANGE = 0x0040;
const int UF_DONT_EXPIRE_PASSWD = 0x10000;
DirectoryEntry obDirEntry = new DirectoryEntry("WinNT://" + domain);
DirectoryEntries entries = obDirEntry.Children;
DirectoryEntry obUser = entries.Add(username, "User");
obUser.Properties["FullName"].Add(name);
obUser.Properties["UserFlags"].Add(UF_PASSWD_CANT_CHANGE |
UF_DONT_EXPIRE_PASSWD);
if(homedir.Length>0)
obUser.Properties["HomeDirectory"].Add(homedir);
object obRet = obUser.Invoke("SetPassword", password);
obUser.CommitChanges();

My question is, is it possible to create a new windows account with a
certain SID?
In the case I wan't to replicate a user on another server.

Regards
Anders Aleborg
Aleborg Solutions


Jan 19 '06 #4
Simple answer; use the right tools for the job. Norton ghost, Power Quest
Image drive are a few tools that are designed to do exactly this.
Willy.

<an****@aleborg.se> wrote in message
news:AA**********************************@microsof t.com...
| Hi!
|
| This is how I am thinking, the accounts I'm creating is for anonymous
access
| to websites and ftp accounts, these type of accounts I try to exclude from
| the domain and create them on each server instead, one of the reasons is
that
| it's so many accounts(we're talking thousands of accounts).
| The reason I wan't to recreate the account along with the SID is IF we for
| some reason wan't to move all users to another server, we can just take
the
| harddrive with the files for the website and move it, recreate all users
and
| all permissions on files and folders will continue to work. Permissions
are
| tied to SID, not to the accounts name.
|
| The other way to do this is to save all permissions in a database (we save
| username and passwords for all accounts in a database already, that's why
we
| easy can restore the users), the problem is that this way of doing it is
time
| consuming, we need to loop all users that has permissions on a file and if
it
| matches the current username save it to a DB or XML file (we havn't found
out
| a way to get the permissions without looping).
|
|
| Regards
| Anders Aleborg
| Aleborg Solutions
|
|
| "Nicholas Paldino [.NET/C# MVP]" wrote:
|
| > Anders,
| >
| > I would think that if you create the user on the domain, then the
user
| > will be recognized across the domain.
| >
| > Also, having the same SID for a user in two different domains
doesn't
| > get you anything.
| >
| > Hope this helps.
| >
| > --
| > - Nicholas Paldino [.NET/C# MVP]
| > - mv*@spam.guard.caspershouse.com
| >
| > <an****@aleborg.se> wrote in message
| > news:1A**********************************@microsof t.com...
| > > Hi!
| > >
| > > To create a new Windows account I use this code:
| > >
| > > const int UF_PASSWD_CANT_CHANGE = 0x0040;
| > > const int UF_DONT_EXPIRE_PASSWD = 0x10000;
| > > DirectoryEntry obDirEntry = new DirectoryEntry("WinNT://" + domain);
| > > DirectoryEntries entries = obDirEntry.Children;
| > > DirectoryEntry obUser = entries.Add(username, "User");
| > > obUser.Properties["FullName"].Add(name);
| > > obUser.Properties["UserFlags"].Add(UF_PASSWD_CANT_CHANGE |
| > > UF_DONT_EXPIRE_PASSWD);
| > > if(homedir.Length>0)
| > > obUser.Properties["HomeDirectory"].Add(homedir);
| > > object obRet = obUser.Invoke("SetPassword", password);
| > > obUser.CommitChanges();
| > >
| > > My question is, is it possible to create a new windows account with a
| > > certain SID?
| > > In the case I wan't to replicate a user on another server.
| > >
| > > Regards
| > > Anders Aleborg
| > > Aleborg Solutions
| >
| >
| >
Jan 19 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

4 posts views Thread by I_AM_DON_AND_YOU? | last post: by
10 posts views Thread by Zack Sessions | last post: by
37 posts views Thread by Steven Bethard | last post: by
18 posts views Thread by Steven Bethard | last post: by
5 posts views Thread by Michael | last post: by
2 posts views Thread by masri999 | last post: by
reply views Thread by rosydwin | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.