Get username and domain of Foreign Security Principal from domain trust

You can use this code to determine the DOMAIN\username from the Foreign Security Principal which is really the SID of the account. Pass the full distinguishedName of the ForeignSecurityPrincipal.

static string GetUserNameOfFSP(string ForeignSecurityPrincipal)

       {

           //Returns with syntax of "DOMAIN\logonname"

           try

           {

               DirectoryEntry user = new DirectoryEntry("LDAP://" + ForeignSecurityPrincipal);

               SecurityIdentifier sid = new SecurityIdentifier((byte[])user.InvokeGet("objectSid"), 0);

               NTAccount account = (NTAccount)sid.Translate(typeof(NTAccount));

               return account.ToString();

           }

           catch (DirectoryServicesCOMException e) { Console.Write(e.Message); return "Error"; }

       }

2 Comments

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>