[Win32utils-devel] User sid

Daniel Berger djberg96 at gmail.com
Fri Jun 27 07:18:31 EDT 2008


Hi all,

I was playing around with the idea of implementing Process.uid and 
Process.uid= for MS Windows. To that end I first wanted to get the user 
associated with the current process. Then I wanted the user's SID. I 
can't seem to get the stringified SID, though.

Here's the code (use the latest cvs version of windows-pr):

require 'windows/process'
require 'windows/error'
require 'windows/security'

include Windows::Process
include Windows::Error
include Windows::Security

handle = GetCurrentProcess()

token_handle = [0].pack('L')

unless OpenProcessToken(handle, TOKEN_QUERY, token_handle)
    raise get_last_error
end

token_handle  = token_handle.unpack('L')[0]
return_length = [0].pack('L')

# First pass, get the buffer size needed
GetTokenInformation(token_handle, TokenUser, 0, 0, return_length)

token_info = 0.chr * return_length.unpack('L')[0]

bool = GetTokenInformation(
    token_handle,
    TokenUser,
    token_info,
    token_info.size,
    return_length
)

unless bool
    raise get_last_error
end

sid_addr = token_info.unpack('L')[0]

name_buf = 0.chr * 80
name_cch = [name_buf.size].pack('L')

domain_buf = 0.chr * 80
domain_cch = [domain_buf.size].pack('L')

sid_name_use = 0.chr * 4

bool = LookupAccountSid(
    nil,
    sid_addr,
    name_buf,
    name_cch,
    domain_buf,
    domain_cch,
    sid_name_use
)

unless bool
    raise get_last_error
end

p name_buf.strip   # "djberge"

sid_buf = 0.chr * 80

bool = ConvertSidToStringSid(
    sid_addr,
    [sid_buf].pack('p*').unpack('L')[0]
)

unless bool
    raise get_last_error
end

# Junk
p sid_buf.strip

# Taken from 
http://search.cpan.org/src/TEVERETT/Win32-Security-0.50/lib/Win32/Security/SID.pm
# but it doesn't quite match up.
p token_info.unpack('CCnNV*')

How can I get the stringified SID?

Thanks,

Dan

PS - I'm trying to remember why I changed the prototype of 
ConvertSidToStringSid to 'PL', but I can't. It seems it ought to be 
'LP', but I don't want to break code at this point.


More information about the win32utils-devel mailing list