Beefy Boxes and Bandwidth Generously Provided by pair Networks BBQ
Keep It Simple, Stupid
 
PerlMonks  

Win32: Getting the Machine SID

by TGI (Vicar)
on Oct 16, 2007 at 00:43 UTC ( #645077=perlquestion: print w/ replies, xml ) Need Help??
TGI has asked for the wisdom of the Perl Monks concerning the following question:

Does anyone know of a reliable way to get the machine SID for a given windows box? For what it's worth, I only need to get the value for the machine I am running on--I don't need to query a remote machine through WMI.

It's supposedly available in the HKEY_LOCAL_MACHINE SECURITY\SAM\Domains\Account registry key, but the SECURITY hive is locked down and I can't access it.

Win32::LookupAccountName will give me user SIDs, and Win32::Security::SID will parse the results and give me a clean text string from them.

The only missing piece of the puzzle is a reliable way to obtain the machine SID. I'd appreciate any insight anyone has into the problem.


TGI says moo

Comment on Win32: Getting the Machine SID
Select or Download Code
Re: Win32: Getting the Machine SID
by syphilis (Canon) on Oct 16, 2007 at 01:09 UTC
    Win32::LookupAccountName will give me user SIDs

    It will also give you the machine SID, iinm. According to Roth's book ("The Standard Extensions"), the second arg can be "a user name, a group name, a trusted domain name, or a computer name (computer and Domain name must end with a dollar sign)".

    Cheers,
    Rob

      Thanks for the help, syphilis.

      In the typical win32 way, things don't seem to be behaving as specified. Appending the dollar sign gives an error, and using the computer name seems to return a domain SID.

      I'm working on a system that's not a member of a domain, with username "shop_user" and "system name" is "SHOP_02". FWIW, I'm testing on Windows XP systems with ActiveState Perl 5.8.8.

      use strict; use warnings; use Win32::Security::SID; my @SIDTYPE = qw( ERROR SidTypeUser SidTypeGroup SidTypeDomain SidTypeAlias SidTypeWellKnownGroup SidTypeDeletedAccount SidTypeInvalid SidTypeUnknown SidTypeComputer SidTypeLabel ); my ( $system, $account ); $account = Win32::LoginName; $system = Win32::NodeName; GetSID( $system, "$system\\$account"); GetSID( $system, $account); GetSID( $system, $system); GetSID( $system, "$system\\"); GetSID( $system, "\\$system"); GetSID( $system, "SYSTEM\\$system"); GetSID( $system, "\$$system"); GetSID( $system, "$system\$"); GetSID( $system, "$system\\\$"); sub GetSID { my $system = shift; my $account = shift; my $domain = shift; no warnings 'uninitialized'; my ( $sid, $sidtype ); Win32::LookupAccountName( $system, $account, $domain, $sid, $sidty +pe ); my $sidstring = Win32::Security::SID::ConvertSidToStringSid( $sid +); print "\n", "$system - $account - $domain\n", "SID: $sidstring\n", "SIDTYPE: $SIDTYPE[$sidtype]\n"; ; }

      Here are the results:

      SHOP_02 - SHOP_02\shop_user - SHOP_02 SID: S-1-5-21-1957994488-963894560-725345543-1004 SIDTYPE: SidTypeUser SHOP_02 - shop_user - SHOP_02 SID: S-1-5-21-1957994488-963894560-725345543-1004 SIDTYPE: SidTypeUser SHOP_02 - SHOP_02 - SHOP_02 SID: S-1-5-21-1957994488-963894560-725345543 SIDTYPE: SidTypeDomain SHOP_02 - SHOP_02\ - SID: SIDTYPE: ERROR SHOP_02 - \SHOP_02 - SHOP_02 SID: S-1-5-21-1957994488-963894560-725345543 SIDTYPE: SidTypeDomain SHOP_02 - SYSTEM\SHOP_02 - SID: SIDTYPE: ERROR SHOP_02 - $SHOP_02 - SID: SIDTYPE: ERROR SHOP_02 - SHOP_02$ - SID: SIDTYPE: ERROR SHOP_02 - SHOP_02\$ - SID: SIDTYPE: ERROR


      TGI says moo

Re: Win32: Getting the Machine SID
by Argel (Prior) on Oct 17, 2007 at 00:23 UTC
    In the bad idea but I will suggest it anyway department, if you use the 'at' command to schedule a job it should run as the SYSTEM account which does have access to that part of the registry.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://645077]
Approved by GrandFather
Front-paged by grinder
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (8)
As of 2014-04-18 07:05 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (462 votes), past polls