当前位置: 文江博客话题详情

如何从 SQL Server 存储的 SID 获取 Active Directory 组名称?

发布于 2024-11-26 06:54:18 字数 528 浏览 1 评论 0原文

这是我今天早上早些时候提出的一个问题的后续(发布在此处。)按照提供的说明,我成功地在 SQL Server 2000 数据库中查询与 AD 组关联的 SID。然而,SID 看起来像这样:

0x0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567

如何获取 SID 引用的 AD 组的名称?我尝试过谷歌搜索 PowerShell 脚本,但是,大多数 SID 示例如下所示:

S-1-5-21-1454471165-1004335555-1606985555-5555

显然,这看起来不像我从 SQL Server 返回的值。我该怎么做?

原文

This is a follow-up of a question I asked earlier this morning (posted here.) Following the instructions provided, I've managed to query my SQL Server 2000 database for a SID associated with an AD Group. The SID, however, looks like this:

0x0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567

What can I do to obtain the name of the AD Group referenced by the SID? I've tried googling PowerShell scripts, however, most of their examples of SIDs look like this:

S-1-5-21-1454471165-1004335555-1606985555-5555

Obviously, that doesn't look like the value I'm getting back from the SQL Server. How can I do this?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

无风消散 2024-12-03 06:54:18

如果您使用的是适用于 SQL 2000 的 sqlps(SQL Powershell 主机)(我已经在我的 2000 实例上对此进行了测试),您可以使用以下命令:

$query = @"
select sid from syslogins where isntgroup = 1
AND name = 'CONTOSO\mylogin'
"@

invoke-sqlcmd -ServerInstance "myserver" -Database master -Query $query | 
foreach {$SID = new-object security.principal.securityidentifier($_.SID,0); $SID.translate([system.security.principal.NTAccount]) }

If you're using sqlps (SQL Powershell host) which works against SQL 2000 (I've tested this on my 2000 instance) you can use this:

$query = @"
select sid from syslogins where isntgroup = 1
AND name = 'CONTOSO\mylogin'
"@

invoke-sqlcmd -ServerInstance "myserver" -Database master -Query $query | 
foreach {$SID = new-object security.principal.securityidentifier($_.SID,0); $SID.translate([system.security.principal.NTAccount]) }
回复 原文
尴尬癌患者 2024-12-03 06:54:18

对于那些没有 sqlps 的人:
使用此在线 C# shell 将单个 sid 格式化为文本

http://rextester.com/AFAC13570

代码备份:

//Rextester.Program.Main is the entry point for your code. Don't change it.
//Compiler version 4.0.30319.17929 for Microsoft (R) .NET Framework 4.5

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.RegularExpressions;
using System.Text;
using System.Runtime.Remoting.Metadata.W3cXsd2001;

namespace Rextester
{
    public class Program
    {

        public static string ConvertByteToStringSid(Byte[] sidBytes)
        {

            StringBuilder strSid = new StringBuilder();
            strSid.Append("S-");

            // Add SID revision.
            strSid.Append(sidBytes[0].ToString());
            // Next six bytes are SID authority value.
            if (sidBytes[6] != 0 || sidBytes[5] != 0)
            {
                string strAuth = String.Format
                ("0x{0:2x}{1:2x}{2:2x}{3:2x}{4:2x}{5:2x}",
                (Int16)sidBytes[1],
                (Int16)sidBytes[2],
                (Int16)sidBytes[3],
                (Int16)sidBytes[4],
                (Int16)sidBytes[5],
                (Int16)sidBytes[6]);
                strSid.Append("-");
                strSid.Append(strAuth);
            }
            else
            {
                Int64 iVal = (Int32)(sidBytes[1]) +
                (Int32)(sidBytes[2] << 8) +
                (Int32)(sidBytes[3] << 16) +
                (Int32)(sidBytes[4] << 24);
                strSid.Append("-");
                strSid.Append(iVal.ToString());
            }

            // Get sub authority count...
            int iSubCount = Convert.ToInt32(sidBytes[7]);
            int idxAuth = 0;
            for (int i = 0; i < iSubCount; i++)
            {
                idxAuth = 8 + i * 4;

                if (idxAuth >= sidBytes.Length)
                {
                    Console.WriteLine("OK :old NT account");
                    return strSid.ToString();
                }

                UInt32 iSubAuth = BitConverter.ToUInt32(sidBytes, idxAuth);
                strSid.Append("-");
                strSid.Append(iSubAuth.ToString());
            }
            return strSid.ToString();
        } 

        public static void Main(string[] args)
        {
            //Your code goes here
            Console.WriteLine(
                ConvertByteToStringSid(
                    SoapHexBinary.Parse(
                        "0x01050000000000051500000079542007311FAE6D096510145E540300".Substring(2)
                    ).Value
                )
            );
        }
    }
}

学分:

https://www.sqlservercentral.com/Forums/FindPost1322822.aspx

如何将字节数组转换为十六进制字符串,反之亦然?

For those without sqlps:
use this online C# shell do format single sid to text

http://rextester.com/AFAC13570

code backup:

//Rextester.Program.Main is the entry point for your code. Don't change it.
//Compiler version 4.0.30319.17929 for Microsoft (R) .NET Framework 4.5

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.RegularExpressions;
using System.Text;
using System.Runtime.Remoting.Metadata.W3cXsd2001;

namespace Rextester
{
    public class Program
    {

        public static string ConvertByteToStringSid(Byte[] sidBytes)
        {

            StringBuilder strSid = new StringBuilder();
            strSid.Append("S-");

            // Add SID revision.
            strSid.Append(sidBytes[0].ToString());
            // Next six bytes are SID authority value.
            if (sidBytes[6] != 0 || sidBytes[5] != 0)
            {
                string strAuth = String.Format
                ("0x{0:2x}{1:2x}{2:2x}{3:2x}{4:2x}{5:2x}",
                (Int16)sidBytes[1],
                (Int16)sidBytes[2],
                (Int16)sidBytes[3],
                (Int16)sidBytes[4],
                (Int16)sidBytes[5],
                (Int16)sidBytes[6]);
                strSid.Append("-");
                strSid.Append(strAuth);
            }
            else
            {
                Int64 iVal = (Int32)(sidBytes[1]) +
                (Int32)(sidBytes[2] << 8) +
                (Int32)(sidBytes[3] << 16) +
                (Int32)(sidBytes[4] << 24);
                strSid.Append("-");
                strSid.Append(iVal.ToString());
            }

            // Get sub authority count...
            int iSubCount = Convert.ToInt32(sidBytes[7]);
            int idxAuth = 0;
            for (int i = 0; i < iSubCount; i++)
            {
                idxAuth = 8 + i * 4;

                if (idxAuth >= sidBytes.Length)
                {
                    Console.WriteLine("OK :old NT account");
                    return strSid.ToString();
                }

                UInt32 iSubAuth = BitConverter.ToUInt32(sidBytes, idxAuth);
                strSid.Append("-");
                strSid.Append(iSubAuth.ToString());
            }
            return strSid.ToString();
        } 

        public static void Main(string[] args)
        {
            //Your code goes here
            Console.WriteLine(
                ConvertByteToStringSid(
                    SoapHexBinary.Parse(
                        "0x01050000000000051500000079542007311FAE6D096510145E540300".Substring(2)
                    ).Value
                )
            );
        }
    }
}

credits:

https://www.sqlservercentral.com/Forums/FindPost1322822.aspx

How do you convert Byte Array to Hexadecimal String, and vice versa?

回复 原文
~没有更多了~

关于作者

如此安好

暂无简介

文章
评论
591 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

150537073

文章 0 评论 0

Hunk

文章 0 评论 0

daben123

文章 0 评论 0

陌上芳菲

文章 0 评论 0

qq_fc3rYR

文章 0 评论 0

明天过后

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文