- Get link
- Other Apps
In C#, we use the System.Security.Principal namespace to work with security-related operations. The code converts the SID string to a SecurityIdentifier object and then translates it to an NTAccount object to retrieve the associated Windows account. The IsAccountEnabled and IsAccountLocked methods use the System.DirectoryServices.AccountManagement namespace to check the account status.
Replace the sidToQuery variable with the desired SID before running the code. The code will print the account name, whether the account is enabled, and whether the account is locked.
Remember to add a reference to the System.DirectoryServices.AccountManagement assembly to your project.
Code below:
using System;
using System.Security.Principal;
class Program
{
static void Main(string[] args)
{
string sidToQuery = "S-1-5-21-3623811015-3361044348-30300820-1013"; // Replace with the desired SID
try
{
// Convert the SID string to a SecurityIdentifier object
SecurityIdentifier sid = new SecurityIdentifier(sidToQuery);
// Retrieve the associated Windows account
NTAccount account = (NTAccount)sid.Translate(typeof(NTAccount));
// Retrieve additional information about the user
bool accountEnabled = IsAccountEnabled(sid);
bool accountLocked = IsAccountLocked(sid);
// Print the user information
Console.WriteLine("Account Name: " + account.Value);
Console.WriteLine("Account Enabled: " + accountEnabled);
Console.WriteLine("Account Locked: " + accountLocked);
}
catch (Exception e)
{
Console.WriteLine("Error occurred: " + e.Message);
}
Console.ReadLine();
}
static bool IsAccountEnabled(SecurityIdentifier sid)
{
try
{
// Retrieve the associated Windows account
NTAccount account = (NTAccount)sid.Translate(typeof(NTAccount));
// Retrieve the user's account status
using (var user = new System.DirectoryServices.AccountManagement.UserPrincipal(
new System.DirectoryServices.AccountManagement.PrincipalContext(System.DirectoryServices.AccountManagement.ContextType.Domain)))
{
user.SamAccountName = account.Value;
using (var searcher = new System.DirectoryServices.AccountManagement.PrincipalSearcher(user))
{
var foundUser = searcher.FindOne() as System.DirectoryServices.AccountManagement.UserPrincipal;
return foundUser.Enabled ?? false;
}
}
}
catch (Exception e)
{
Console.WriteLine("Error occurred while checking account enabled status: " + e.Message);
}
return false;
}
static bool IsAccountLocked(SecurityIdentifier sid)
{
try
{
// Retrieve the associated Windows account
NTAccount account = (NTAccount)sid.Translate(typeof(NTAccount));
// Retrieve the user's account status
using (var user = new System.DirectoryServices.AccountManagement.UserPrincipal(
new System.DirectoryServices.AccountManagement.PrincipalContext(System.DirectoryServices.AccountManagement.ContextType.Domain)))
{
user.SamAccountName = account.Value;
using (var searcher = new System.DirectoryServices.AccountManagement.PrincipalSearcher(user))
{
var foundUser = searcher.FindOne() as System.DirectoryServices.AccountManagement.UserPrincipal;
return foundUser.IsAccountLockedOut();
}
}
}
catch (Exception e)
{
Console.WriteLine("Error occurred while checking account locked status: " + e.Message);
}
return false;
}
}
- Get link
- Other Apps
Comments