c# - Why does WellKnownSidType fail to convert to sid/account sometimes? -


question: i'm looking account name , sid each wellknownsidtype enum member shown below.

why fail sometimes?
, why fail in converting wellknownsidtype sid?
far understand it, conversion sid accountname should fail, , when account isn't local , not in domain.



example, when translating enum logonidssid sid, get:
bekannte sids des typs logonidssid können nicht erstellt werden.
(known sids of type logonidssid cannot created.)

or when looking accountname ntauthoritysid
get: manche oder alle identitätsverweise konnten nicht übersetzt werden.
(some or idendity-references not translated.)

sub main()     enumerations.sidinfo(of system.security.principal.wellknownsidtype)() end sub  public class enumerations     public shared sub sidinfo(of t)()         dim enumtype type = gettype(t)           each thisenumvalue t in system.enum.getvalues(gettype(t))             try                 console.writeline("enum: system.security.principal.wellknownsidtype." + system.enum.format(gettype(t), thisenumvalue, "g"))                 dim enumitem1 system.reflection.fieldinfo = enumtype.getfield(system.enum.format(gettype(t), thisenumvalue, "g"))                 dim enumvalue1 t = ctype(enumitem1.getvalue(enumtype), t)                 dim sid system.security.principal.securityidentifier = new system.security.principal.securityidentifier(ctype(ctype(enumvalue1, object), system.security.principal.wellknownsidtype), nothing)                 console.writeline("sid: " + sid.tostring())                 dim ntaccount security.principal.ntaccount = ctype(sid.translate(gettype(security.principal.ntaccount)), security.principal.ntaccount)                  console.writeline("account: " + ntaccount.tostring())                 console.writeline(vbcrlf)             catch ex exception                 console.writeline("exception on: " + system.enum.format(gettype(t), thisenumvalue, "g"))                 console.writeline(vbcrlf)             end try         next      end sub end class

c# (auto-translation):

//dim sid system.security.principal.securityidentifier = new system.security.principal.securityidentifier(system.security.principal.wellknownsidtype.worldsid, nothing) //dim rule system.security.accesscontrol.mutexaccessrule = new system.security.accesscontrol.mutexaccessrule(sid, system.security.accesscontrol.mutexrights.fullcontrol, system.security.accesscontrol.accesscontroltype.allow) public static void getsid<t>() {     type enumtype = typeof(t);      foreach (t thisenumvalue in system.enum.getvalues(typeof(t))) {         try {             console.writeline("enum: system.security.principal.wellknownsidtype." + system.enum.format(typeof(t), thisenumvalue, "g"));             system.reflection.fieldinfo enumitem1 = enumtype.getfield(system.enum.format(typeof(t), thisenumvalue, "g"));             t enumvalue1 = (t)enumitem1.getvalue(enumtype);             system.security.principal.securityidentifier sid = new system.security.principal.securityidentifier((system.security.principal.wellknownsidtype)(object)enumvalue1, null);             console.writeline("sid: " + sid.tostring());             system.security.principal.ntaccount ntaccount = (security.principal.ntaccount)sid.translate(typeof(security.principal.ntaccount));              console.writeline("account: " + ntaccount.tostring());             console.writeline(constants.vbcrlf);         } catch (exception ex) {             console.writeline("exception on: " + system.enum.format(typeof(t), thisenumvalue, "g") + constants.vbcrlf + ex.message);             console.writeline(constants.vbcrlf);         }     }  }

this method kick out 3 errors actually.

the first identitynotmappedexception means account trying make doesn't exist on machine. wellknownsidtype enum represents of well-known sids not ones specific given machine. there mechanism can use don't know of off hand. might have p/invoke possibly , use createwellknownsid or catch exception.

the second argumentexception happen if try use logonidssid. if check documentation constructor securityidentifier you'll see can's use logonidssid.

the third error argumentnullexception occur if try create 1 of following well-known sids without specifying domain sid. in documentation.

  • accountadministratorsid
  • accountguestsid
  • accountkrbtgtsid
  • accountdomainadminssid
  • accountdomainuserssid
  • accountdomainguestssid
  • accountcomputerssid
  • accountcontrollerssid
  • accountcertadminssid
  • accountschemaadminssid
  • accountenterpriseadminssid
  • accountpolicyadminssid
  • accountrasandiasserverssid

Comments

Post a Comment

Popular posts from this blog

apache - Add omitted ? to URLs -

i working on website cms reads page name of query string, e.g. http://exmaple.com/?pagename . trying create rewrite rule rewrite ? . so, user types in /pagename , taken /?pagename try this: rewriteengine on rewritecond %{request_filename} !-d rewritecond %{request_filename} !-f rewriterule ^/?(.*) index.php?$1 [l]
Read more

redirect - bbPress Forum - rewrite to wwww.mysite prohibits login -

i using bbpress installation without wordpress integration. the redirect of rewriteengine @ forum site works: rewriteengine on rewritecond %{http_host} ^forum.mysite.com$ rewriterule (.*)$ http://www.forum.mysite.com/$1 [r=301,l] the problem login pppress. bbpress login not recognize: http://www.forum.mysite/bb-login.php . it redirects to: http://forum.mysite.com/bb-login.php . i tried permalink settings none , name based, same issue. does uses redirect in bbpress or how can eliminate "double" content , redirect permanently www.? i redirected www.forum.mysite.com forum.mysite.com , achieved eliminate "double" content.
Read more

php - How can I stop spam on my custom forum/blog? -

so have custom built forum & blog system of late has been dealing lot of spam. if wordpress use akismet, if different common platform i'm sure i'd find plugin. there kind of static class can download this? using php. i'd still go akismet, if it. uses outside of wordpress, may have pay fee it, depending on use -- check terms , conditions -- it's option , easy implement in php using api. use api key wordpress. com account access. basically, grab whichever php client library takes fancy -- use alex potsides' php5 library -- plug in key, , it's handful of lines of code. here's bare bones of validation straight 1 of live sites: ... if ($akismet) { $akismet->setcommentauthor($name); $akismet->setcommentauthoremail($session->userinfo["email"]); $akismet->setcommentauthorurl(""); $akismet->setcommentcontent($sentence);...
Read more