Hello,
you can use the LookupAccountSid or LookupAccountName function. These will
translate accountnames to sids and vice versa.
And you get the accountType:
[DllImport("advapi32.dll", SetLastError = true, CharSet =
CharSet.Unicode)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool LookupAccountSid(
[In] string systemName,
[In, MarshalAs(UnmanagedType.LPArray)] byte[] sid,
[Out] StringBuilder name,
[In, Out] ref uint nameLength,
[Out] StringBuilder referencedDomainName,
[In, Out] ref uint referencedDomainNameLength,
[Out] out AccountType usage);
public enum AccountType
{
/// <summary>
/// No account type
/// </summary>
None = 0,
/// <summary>
/// The account is a user
/// </summary>
User,
/// <summary>
/// The account is a security group
/// </summary>
Group,
/// <summary>
/// The account defines a domain
/// </summary>
Domain,
/// <summary>
/// The account is an alias
/// </summary>
Alias,
/// <summary>
/// The account is a well-known group, such as
BUILTIN\Administrators
/// </summary>
WellknownGroup,
/// <summary>
/// The account was deleted
/// </summary>
DeletedAccount,
/// <summary>
/// The account is invalid
/// </summary>
Invalid,
/// <summary>
/// The type of the account is unknown
/// </summary>
Unknown,
/// <summary>
/// The account is a computer account
/// </summary>
Computer
}
Best regards,
Henning Krause
"Roshan" <br*****@gmail.comwrote in message
news:11**********************@m73g2000cwd.googlegr oups.com...
Hi,
I wanted a reliable way of detecting if a given NTAccount object
represents a user account or group account. I was using
SecurityIdentifier.IsAccountSid() method but this doesn't work as I
expected. It returns true for user accounts and also for groups created
by administrator. Right now I am using the WMI class
System.Management.ManagementClass to get a list of all local user
accounts and am iterating over them to see if the given account is a
user account.
System.Management.ManagementClass mc = new
System.Management.ManagementClass("Win32_UserAccou nt");
System.Management.ManagementObjectCollection objColl =
mc.GetInstances();
foreach (System.Management.ManagementObject obj in objColl)
{
String name = obj.GetPropertyValue("Name") as String;
// Compare name and NTAccount.Value to detect if its a user
}
While this works, it seems unclean and a overtly complex way of doing
things. Does any one know of a clean straight forward way of doing
this?
Thanks,
Roshan