By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,983 Members | 1,627 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,983 IT Pros & Developers. It's quick & easy.

Create SID?

P: n/a
Hi!

To create a new Windows account I use this code:

const int UF_PASSWD_CANT_CHANGE = 0x0040;
const int UF_DONT_EXPIRE_PASSWD = 0x10000;
DirectoryEntry obDirEntry = new DirectoryEntry("WinNT://" + domain);
DirectoryEntries entries = obDirEntry.Children;
DirectoryEntry obUser = entries.Add(username, "User");
obUser.Properties["FullName"].Add(name);
obUser.Properties["UserFlags"].Add(UF_PASSWD_CANT_CHANGE |
UF_DONT_EXPIRE_PASSWD);
if(homedir.Length>0)
obUser.Properties["HomeDirectory"].Add(homedir);
object obRet = obUser.Invoke("SetPassword", password);
obUser.CommitChanges();

My question is, is it possible to create a new windows account with a
certain SID?
In the case I wan't to replicate a user on another server.

Regards
Anders Aleborg
Aleborg Solutions
Jan 19 '06 #1
Share this Question
Share on Google+
4 Replies


P: n/a
Anders,

I would think that if you create the user on the domain, then the user
will be recognized across the domain.

Also, having the same SID for a user in two different domains doesn't
get you anything.

Hope this helps.

--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

<an****@aleborg.se> wrote in message
news:1A**********************************@microsof t.com...
Hi!

To create a new Windows account I use this code:

const int UF_PASSWD_CANT_CHANGE = 0x0040;
const int UF_DONT_EXPIRE_PASSWD = 0x10000;
DirectoryEntry obDirEntry = new DirectoryEntry("WinNT://" + domain);
DirectoryEntries entries = obDirEntry.Children;
DirectoryEntry obUser = entries.Add(username, "User");
obUser.Properties["FullName"].Add(name);
obUser.Properties["UserFlags"].Add(UF_PASSWD_CANT_CHANGE |
UF_DONT_EXPIRE_PASSWD);
if(homedir.Length>0)
obUser.Properties["HomeDirectory"].Add(homedir);
object obRet = obUser.Invoke("SetPassword", password);
obUser.CommitChanges();

My question is, is it possible to create a new windows account with a
certain SID?
In the case I wan't to replicate a user on another server.

Regards
Anders Aleborg
Aleborg Solutions

Jan 19 '06 #2

P: n/a

<an****@aleborg.se> wrote in message
news:1A**********************************@microsof t.com...
| Hi!
|
| To create a new Windows account I use this code:
|
| const int UF_PASSWD_CANT_CHANGE = 0x0040;
| const int UF_DONT_EXPIRE_PASSWD = 0x10000;
| DirectoryEntry obDirEntry = new DirectoryEntry("WinNT://" + domain);
| DirectoryEntries entries = obDirEntry.Children;
| DirectoryEntry obUser = entries.Add(username, "User");
| obUser.Properties["FullName"].Add(name);
| obUser.Properties["UserFlags"].Add(UF_PASSWD_CANT_CHANGE |
| UF_DONT_EXPIRE_PASSWD);
| if(homedir.Length>0)
| obUser.Properties["HomeDirectory"].Add(homedir);
| object obRet = obUser.Invoke("SetPassword", password);
| obUser.CommitChanges();
|
| My question is, is it possible to create a new windows account with a
| certain SID?
| In the case I wan't to replicate a user on another server.
|
| Regards
| Anders Aleborg
| Aleborg Solutions

Not sure what you are trying to achieve, but if you need to clone user
accounts, you first have to clone the machine SID.

Willy.
Jan 19 '06 #3

P: n/a
Hi!

This is how I am thinking, the accounts I'm creating is for anonymous access
to websites and ftp accounts, these type of accounts I try to exclude from
the domain and create them on each server instead, one of the reasons is that
it's so many accounts(we're talking thousands of accounts).
The reason I wan't to recreate the account along with the SID is IF we for
some reason wan't to move all users to another server, we can just take the
harddrive with the files for the website and move it, recreate all users and
all permissions on files and folders will continue to work. Permissions are
tied to SID, not to the accounts name.

The other way to do this is to save all permissions in a database (we save
username and passwords for all accounts in a database already, that's why we
easy can restore the users), the problem is that this way of doing it is time
consuming, we need to loop all users that has permissions on a file and if it
matches the current username save it to a DB or XML file (we havn't found out
a way to get the permissions without looping).
Regards
Anders Aleborg
Aleborg Solutions
"Nicholas Paldino [.NET/C# MVP]" wrote:
Anders,

I would think that if you create the user on the domain, then the user
will be recognized across the domain.

Also, having the same SID for a user in two different domains doesn't
get you anything.

Hope this helps.

--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

<an****@aleborg.se> wrote in message
news:1A**********************************@microsof t.com...
Hi!

To create a new Windows account I use this code:

const int UF_PASSWD_CANT_CHANGE = 0x0040;
const int UF_DONT_EXPIRE_PASSWD = 0x10000;
DirectoryEntry obDirEntry = new DirectoryEntry("WinNT://" + domain);
DirectoryEntries entries = obDirEntry.Children;
DirectoryEntry obUser = entries.Add(username, "User");
obUser.Properties["FullName"].Add(name);
obUser.Properties["UserFlags"].Add(UF_PASSWD_CANT_CHANGE |
UF_DONT_EXPIRE_PASSWD);
if(homedir.Length>0)
obUser.Properties["HomeDirectory"].Add(homedir);
object obRet = obUser.Invoke("SetPassword", password);
obUser.CommitChanges();

My question is, is it possible to create a new windows account with a
certain SID?
In the case I wan't to replicate a user on another server.

Regards
Anders Aleborg
Aleborg Solutions


Jan 19 '06 #4

P: n/a
Simple answer; use the right tools for the job. Norton ghost, Power Quest
Image drive are a few tools that are designed to do exactly this.
Willy.

<an****@aleborg.se> wrote in message
news:AA**********************************@microsof t.com...
| Hi!
|
| This is how I am thinking, the accounts I'm creating is for anonymous
access
| to websites and ftp accounts, these type of accounts I try to exclude from
| the domain and create them on each server instead, one of the reasons is
that
| it's so many accounts(we're talking thousands of accounts).
| The reason I wan't to recreate the account along with the SID is IF we for
| some reason wan't to move all users to another server, we can just take
the
| harddrive with the files for the website and move it, recreate all users
and
| all permissions on files and folders will continue to work. Permissions
are
| tied to SID, not to the accounts name.
|
| The other way to do this is to save all permissions in a database (we save
| username and passwords for all accounts in a database already, that's why
we
| easy can restore the users), the problem is that this way of doing it is
time
| consuming, we need to loop all users that has permissions on a file and if
it
| matches the current username save it to a DB or XML file (we havn't found
out
| a way to get the permissions without looping).
|
|
| Regards
| Anders Aleborg
| Aleborg Solutions
|
|
| "Nicholas Paldino [.NET/C# MVP]" wrote:
|
| > Anders,
| >
| > I would think that if you create the user on the domain, then the
user
| > will be recognized across the domain.
| >
| > Also, having the same SID for a user in two different domains
doesn't
| > get you anything.
| >
| > Hope this helps.
| >
| > --
| > - Nicholas Paldino [.NET/C# MVP]
| > - mv*@spam.guard.caspershouse.com
| >
| > <an****@aleborg.se> wrote in message
| > news:1A**********************************@microsof t.com...
| > > Hi!
| > >
| > > To create a new Windows account I use this code:
| > >
| > > const int UF_PASSWD_CANT_CHANGE = 0x0040;
| > > const int UF_DONT_EXPIRE_PASSWD = 0x10000;
| > > DirectoryEntry obDirEntry = new DirectoryEntry("WinNT://" + domain);
| > > DirectoryEntries entries = obDirEntry.Children;
| > > DirectoryEntry obUser = entries.Add(username, "User");
| > > obUser.Properties["FullName"].Add(name);
| > > obUser.Properties["UserFlags"].Add(UF_PASSWD_CANT_CHANGE |
| > > UF_DONT_EXPIRE_PASSWD);
| > > if(homedir.Length>0)
| > > obUser.Properties["HomeDirectory"].Add(homedir);
| > > object obRet = obUser.Invoke("SetPassword", password);
| > > obUser.CommitChanges();
| > >
| > > My question is, is it possible to create a new windows account with a
| > > certain SID?
| > > In the case I wan't to replicate a user on another server.
| > >
| > > Regards
| > > Anders Aleborg
| > > Aleborg Solutions
| >
| >
| >
Jan 19 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.