8

I am building a site that gets user information using the WindowsIdentity of the current user. The main info I get from this is the ssid.

I do this for the current users as follows

IntPtr logonToken = WindowsIdentity.GetCurrent().Token;
WindowsIdentity windowsId = new WindowsIdentity(logonToken);
string ssid = windowsId.User.ToString();

What I need to do now, and am failing at, is getting the ssid for any arbitrary username that exists on the domain.

I tried WindowsIdentity(string), but that gave me a SecurityException

The name provided is not a properly formed account name.

Kiquenet
  • 14,494
  • 35
  • 148
  • 243
Matt
  • 4,140
  • 9
  • 40
  • 64

1 Answers1

6

How are you formatting the principal? Generally they take the form of user@domain.ext, so if your AD provides principal resolution on say example.com, a user principal name (UPN) may look like: joe.bloggs@example.com. The WindowsIdentity(string) constructor accepts a UPN, not an older format username EXAMPLE\joe.bloggs

Matthew Abbott
  • 60,571
  • 9
  • 104
  • 129
  • oh ok.. I'll give that a go and see what happens.. Thanks – Matt May 09 '11 at 23:18
  • I had a bit of trouble, since my UPN wasn't joe.bloggs@example.com I used my DirectorySearcher to query the userPrincipalName, which was a slight variation of the @example.com.. works a charm.. Thanks – Matt May 10 '11 at 00:03
  • 5
    I have only a string like "DOMAIN\username", how can I get WindowsPrincipal ? – Kiquenet Jul 04 '14 at 11:30
  • Hi Did you get the solution ? – Rupesh Kumar Tiwari Jun 09 '15 at 17:58
  • Having DOMAIN\Username, try turning it around to Username@DOMAIN. If you know the target domain(s), you can also keep a keyvalue list with DOMAIN + DOMAIN.ext, so that you create a proper UPN: Username@DOMAIN.ext. The last should work, unsure on just username@domain. And if neither DOMAIN\Username or Username@DOMAIN.ext works, then there is something else being the issue. Maybe domain is inaccessible. – Wolf5 Mar 22 '23 at 10:26