Class SID
Consider the following output of examples/SidLookup.java:
toString: S-1-5-21-4133388617-793952518-2001621813-512 toDisplayString: WNET\Domain Admins getType: 2 getTypeText: Domain group getDomainName: WNET getAccountName: Domain Admins
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic SID
static SID
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static SID
Fields inherited from class jcifs.dcerpc.rpc.sid_t
identifier_authority, revision, sub_authority, sub_authority_count
-
Constructor Summary
ConstructorsConstructorDescriptionSID
(byte[] src, int si) Construct a SID from it's textual representation such as S-1-5-21-1496946806-2192648263-3843101252-1029.SID
(jcifs.dcerpc.rpc.sid_t sid, int type, String domainName, String acctName, boolean decrementAuthority) Construct a SID from a domain SID and an RID (relative identifier). -
Method Summary
Modifier and TypeMethodDescriptionboolean
Return the sAMAccountName of this SID unless it could not be resolved in which case the numeric RID is returned.Return the domain name of this SID unless it could not be resolved in which case the numeric representation is returned.SID[]
getGroupMemberSids
(String authorityServerName, NtlmPasswordAuthentication auth, int flags) int
getRid()
static SID
getServerSid
(String server, NtlmPasswordAuthentication auth) int
getType()
Returns the type of this SID indicating the state or type of account.Return text represeting the SID type suitable for display to users.int
hashCode()
void
resolve
(String authorityServerName, NtlmPasswordAuthentication auth) Manually resolve this SID.static void
resolveSids
(String authorityServerName, NtlmPasswordAuthentication auth, SID[] sids) Resolve an array of SIDs using a cache and at most one MSRPC request.static void
resolveSids
(String authorityServerName, NtlmPasswordAuthentication auth, SID[] sids, int offset, int length) static byte[]
toByteArray
(jcifs.dcerpc.rpc.sid_t sid) Return a String representing this SID ideal for display to users.toString()
Return the numeric representation of this sid such as S-1-5-21-1496946806-2192648263-3843101252-1029.Methods inherited from class jcifs.dcerpc.rpc.sid_t
decode, encode
-
Field Details
-
SID_TYPE_USE_NONE
public static final int SID_TYPE_USE_NONE- See Also:
-
SID_TYPE_USER
public static final int SID_TYPE_USER- See Also:
-
SID_TYPE_DOM_GRP
public static final int SID_TYPE_DOM_GRP- See Also:
-
SID_TYPE_DOMAIN
public static final int SID_TYPE_DOMAIN- See Also:
-
SID_TYPE_ALIAS
public static final int SID_TYPE_ALIAS- See Also:
-
SID_TYPE_WKN_GRP
public static final int SID_TYPE_WKN_GRP- See Also:
-
SID_TYPE_DELETED
public static final int SID_TYPE_DELETED- See Also:
-
SID_TYPE_INVALID
public static final int SID_TYPE_INVALID- See Also:
-
SID_TYPE_UNKNOWN
public static final int SID_TYPE_UNKNOWN- See Also:
-
SID_FLAG_RESOLVE_SIDS
public static final int SID_FLAG_RESOLVE_SIDS- See Also:
-
EVERYONE
-
CREATOR_OWNER
-
SYSTEM
-
-
Constructor Details
-
SID
public SID(byte[] src, int si) -
SID
Construct a SID from it's textual representation such as S-1-5-21-1496946806-2192648263-3843101252-1029.- Throws:
SmbException
-
SID
Construct a SID from a domain SID and an RID (relative identifier). For example, a domain SID S-1-5-21-1496946806-2192648263-3843101252 and RID 1029 would yield the SID S-1-5-21-1496946806-2192648263-3843101252-1029. -
SID
-
-
Method Details
-
resolveSids
public static void resolveSids(String authorityServerName, NtlmPasswordAuthentication auth, SID[] sids, int offset, int length) throws IOException - Throws:
IOException
-
resolveSids
public static void resolveSids(String authorityServerName, NtlmPasswordAuthentication auth, SID[] sids) throws IOException Resolve an array of SIDs using a cache and at most one MSRPC request.This method will attempt to resolve SIDs using a cache and cache the results of any SIDs that required resolving with the authority. SID cache entries are currently not expired because under normal circumstances SID information never changes.
- Parameters:
authorityServerName
- The hostname of the server that should be queried. For maximum efficiency this should be the hostname of a domain controller however a member server will work as well and a domain controller may not return names for SIDs corresponding to local accounts for which the domain controller is not an authority.auth
- The credentials that should be used to communicate with the named server. As usual, null indicates that default credentials should be used.sids
- The SIDs that should be resolved. After this function is called, the names associated with the SIDs may be queried with the toDisplayString, getDomainName, and getAccountName methods.- Throws:
IOException
-
getServerSid
- Throws:
IOException
-
toByteArray
public static byte[] toByteArray(jcifs.dcerpc.rpc.sid_t sid) -
getDomainSid
-
getRid
public int getRid() -
getType
public int getType()Returns the type of this SID indicating the state or type of account.SID types are described in the following table.
Type Name SID_TYPE_USE_NONE 0 SID_TYPE_USER User SID_TYPE_DOM_GRP Domain group SID_TYPE_DOMAIN Domain SID_TYPE_ALIAS Local group SID_TYPE_WKN_GRP Builtin group SID_TYPE_DELETED Deleted SID_TYPE_INVALID Invalid SID_TYPE_UNKNOWN Unknown -
getTypeText
Return text represeting the SID type suitable for display to users. Text includes 'User', 'Domain group', 'Local group', etc. -
getDomainName
Return the domain name of this SID unless it could not be resolved in which case the numeric representation is returned. -
getAccountName
Return the sAMAccountName of this SID unless it could not be resolved in which case the numeric RID is returned. If this SID is a domain SID, this method will return an empty String. -
hashCode
public int hashCode() -
equals
-
toString
Return the numeric representation of this sid such as S-1-5-21-1496946806-2192648263-3843101252-1029. -
toDisplayString
Return a String representing this SID ideal for display to users. This method should return the same text that the ACL editor in Windows would display.Specifically, if the SID has been resolved and it is not a domain SID or builtin account, the full DOMAIN\name form of the account will be returned (e.g. MYDOM\alice or MYDOM\Domain Users). If the SID has been resolved but it is is a domain SID, only the domain name will be returned (e.g. MYDOM). If the SID has been resolved but it is a builtin account, only the name component will be returned (e.g. SYSTEM). If the sid cannot be resolved the numeric representation from toString() is returned.
-
resolve
Manually resolve this SID. Normally SIDs are automatically resolved. However, if a SID is constructed explicitly using a SID constructor, JCIFS will have no knowledge of the server that created the SID and therefore cannot possibly resolve it automatically. In this case, this method will be necessary.- Parameters:
authorityServerName
- The FQDN of the server that is an authority for the SID.auth
- Credentials suitable for accessing the SID's information.- Throws:
IOException
-
getGroupMemberSids
public SID[] getGroupMemberSids(String authorityServerName, NtlmPasswordAuthentication auth, int flags) throws IOException - Throws:
IOException
-