
dotnet security : Detecting if an NTAccount is a user or a group


Roshan
7/13/2006 8:13:27 AM
Hi,

I wanted a reliable way of detecting if a given NTAccount object
represents a user account or group account. I was using
SecurityIdentifier.IsAccountSid() method but this doesn't work as I
expected. It returns true for user accounts and also for groups created
by administrator. Right now I am using the WMI class
System.Management.ManagementClass to get a list of all local user
accounts and am iterating over them to see if the given account is a
user account.

System.Management.ManagementClass mc =
    new System.Management.ManagementClass("Win32_UserAccount");

System.Management.ManagementObjectCollection objColl = mc.GetInstances();
foreach (System.Management.ManagementObject obj in objColl)
{
    String name = obj.GetPropertyValue("Name") as String;
    // Compare name and NTAccount.Value to detect if it's a user
}

While this works, it seems unclean and an overly complex way of doing
things. Does anyone know of a clean, straightforward way of doing
this?

Thanks,
Roshan

Henning Krause
7/13/2006 6:02:27 PM
Hello,

You can use the LookupAccountSid or LookupAccountName function. These will
translate account names to SIDs and vice versa.

And you get the account type:


// Requires: using System.Runtime.InteropServices; using System.Text;
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool LookupAccountSid(
    [In] string systemName,
    [In, MarshalAs(UnmanagedType.LPArray)] byte[] sid,
    [Out] StringBuilder name,
    [In, Out] ref uint nameLength,
    [Out] StringBuilder referencedDomainName,
    [In, Out] ref uint referencedDomainNameLength,
    [Out] out AccountType usage);


public enum AccountType
{
    /// <summary>
    /// No account type
    /// </summary>
    None = 0,
    /// <summary>
    /// The account is a user
    /// </summary>
    User,
    /// <summary>
    /// The account is a security group
    /// </summary>
    Group,
    /// <summary>
    /// The account defines a domain
    /// </summary>
    Domain,
    /// <summary>
    /// The account is an alias
    /// </summary>
    Alias,
    /// <summary>
    /// The account is a well-known group, such as BUILTIN\Administrators
    /// </summary>
    WellknownGroup,
    /// <summary>
    /// The account was deleted
    /// </summary>
    DeletedAccount,
    /// <summary>
    /// The account is invalid
    /// </summary>
    Invalid,
    /// <summary>
    /// The type of the account is unknown
    /// </summary>
    Unknown,
    /// <summary>
    /// The account is a computer account
    /// </summary>
    Computer
}

Best regards,
Henning Krause
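
An added example, not part of either post above: calling LookupAccountSid for an NTAccount end to end, with the buffer-size retry and a group check that covers the enum values Windows reports for groups. The names AccountKind, GetAccountType and IsGroup are hypothetical, and the lookup is assumed to run against the local machine (systemName = null).

```csharp
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Text;

static class AccountKind
{
    // Values follow the Win32 SID_NAME_USE enumeration (SidTypeUser = 1, ...).
    public enum AccountType { None = 0, User, Group, Domain, Alias,
        WellknownGroup, DeletedAccount, Invalid, Unknown, Computer }

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    [return: MarshalAs(UnmanagedType.Bool)]
    static extern bool LookupAccountSid(string systemName, byte[] sid,
        StringBuilder name, ref uint nameLength, StringBuilder domain,
        ref uint domainLength, out AccountType usage);
    const int ERROR_INSUFFICIENT_BUFFER = 122;

    // Translate() throws IdentityNotMappedException if the name does not resolve.
    public static AccountType GetAccountType(NTAccount account)
    {
        var sid = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier));
        byte[] raw = new byte[sid.BinaryLength];
        sid.GetBinaryForm(raw, 0);
        uint nameLen = 256, domainLen = 256;
        while (true)
        {
            var name = new StringBuilder((int)nameLen);
            var domain = new StringBuilder((int)domainLen);
            if (LookupAccountSid(null, raw, name, ref nameLen, domain, ref domainLen, out AccountType usage))
                return usage;
            int err = Marshal.GetLastWin32Error();
            if (err != ERROR_INSUFFICIENT_BUFFER) throw new Win32Exception(err);
            // nameLen/domainLen now hold the required sizes; loop and retry.
        }
    }

    // Local groups are reported as Alias, not Group, so check all three values.
    public static bool IsGroup(AccountType t)
    {
        return t == AccountType.Group || t == AccountType.Alias
            || t == AccountType.WellknownGroup;
    }
    static void Main(string[] args)
    {
        var account = new NTAccount(args.Length > 0 ? args[0] : Environment.UserName);
        Console.WriteLine("{0}: {1}", account.Value, GetAccountType(account));
    }
}
```

When this result feeds an authorization decision, compare against AccountType.User explicitly rather than treating "not a group" as a user, since Computer, DeletedAccount, Invalid and Unknown are also possible results.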
