ASP.NET - Get Primary / Relative Identifier (RID) for DirectoryEntry / SID

I use Active Directory in a special MembershipProvider class to authenticate users in an ASP.NET 2.0 intranet application and associate their sid with the profile for the application.

When using ActiveDirectoryMembershipProvider, the ProviderUserKey object for the MembershipUser is as follows:

SecurityIdentifier sid = (SecurityIdentifier)Membership.GetUser().ProviderUserKey;
string sidValue = sid.ToString();

/* sidValue = "S-1-5-21-XXXX-XXXX-XXXX-YY"  */

As I understand it, YY is the main one in the namespace (also called group / domain).

When using a custom MembershipProvider, I can get the sid using the objectSid property of the DirectoryEntry object:

DirectoryEntry entry = new DirectoryEntry(path, username, password);
SecurityIdentifier sid = new SecurityIdentifier((byte[])entry.Properties["objectSid"].Value, 0);
string sidValue = sid.ToString();

/* sidValue = "S-1-5-21-XXXX-XXXX-XXXX"  */

sidValue in this case is identical, except that it does not contain the principal YY.

My question is twofold:

  • Is the main task to uniquely identify a person?
  • DirectoryEntry ( , System.DirectoryServices)?

EDIT:

({1} {2}), , sid , / . GUID, DirectoryEntry Properties["objectGUID"], ?

+5
1

GUID - . , objectGUID . , objectGUID. , objectGUID , .

, , objectGUID.

. , - . , . , sAMAccountNames, ? , employeeid employeeNumber? , displayNames?

AD. DirectoryEntry.

+3
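The SID layout discussed in the question above, as an added example that is not part of the original posts: it splits the raw objectSid bytes into the domain SID and the trailing RID, and reports when a value has no RID. The names SidParts and TrySplit are hypothetical, the SID strings are constructed samples, and it assumes domain account SIDs have the form S-1-5-21-a-b-c-RID.

```csharp
using System;
using System.Security.Principal;

static class SidParts
{
    // Binary SID layout (the byte[] stored in objectSid):
    //   [0] revision, [1] sub-authority count, [2..7] identifier authority
    //   (big-endian), then count * 4-byte little-endian sub-authorities.
    static uint SubAuthority(byte[] raw, int index)
    {
        int o = 8 + 4 * index;
        return (uint)(raw[o] | raw[o + 1] << 8 | raw[o + 2] << 16 | raw[o + 3] << 24);
    }

    // Assumption: a domain account SID is S-1-5-21-a-b-c-RID (5 sub-authorities).
    // Returns true and sets domainSid/rid only for that shape.
    public static bool TrySplit(byte[] raw, out SecurityIdentifier domainSid, out uint rid)
    {
        domainSid = null;
        rid = 0;
        if (raw == null || raw.Length < 8) return false;
        int count = raw[1];
        if (raw.Length != 8 + 4 * count) return false;   // truncated or padded
        bool ntAuthority = raw[2] == 0 && raw[3] == 0 && raw[4] == 0 &&
                           raw[5] == 0 && raw[6] == 0 && raw[7] == 5;
        if (!ntAuthority || count != 5 || SubAuthority(raw, 0) != 21) return false;

        rid = SubAuthority(raw, count - 1);
        // Domain SID = same bytes minus the last sub-authority.
        byte[] domain = new byte[raw.Length - 4];
        Array.Copy(raw, domain, domain.Length);
        domain[1] = (byte)(count - 1);
        domainSid = new SecurityIdentifier(domain, 0);
        return true;
    }

    static void Main()
    {
        // Constructed sample values, not taken from any real directory.
        string[] samples = { "S-1-5-21-1111111111-2222222222-3333333333-1105",
                             "S-1-5-21-1111111111-2222222222-3333333333" };
        foreach (string s in samples)
        {
            SecurityIdentifier sid = new SecurityIdentifier(s);
            byte[] raw = new byte[sid.BinaryLength];
            sid.GetBinaryForm(raw, 0);   // same bytes objectSid would hold
            SecurityIdentifier dom; uint rid;
            if (TrySplit(raw, out dom, out rid))
                Console.WriteLine("{0}: domain={1} rid={2}", s, dom, rid);
            else
                Console.WriteLine("{0}: no RID (not a domain account SID)", s);
        }
    }
}
```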
