SID conversion: String-to-Binary-to-String Program Example
The ConvertSidToStringSid() and ConvertStringSidToSid() functions convert a SID to and from string format. For Windows NT 4.0 and earlier the ConvertSidToStringSid() and ConvertStringSidToSid() are not supported.
Create a new empty Win32 console application project. Give a suitable project name and change the project location if needed.
Then, add the source file and give it a suitable name.
Next, add the following source code.
// Playing with SID format: Binary SID vs string SID
#include <windows.h>
#include <stdio.h>
#include <sddl.h>
#include <aclapi.h>
int wmain(int argc, WCHAR **argv)
{
DWORD SidSize, SidSize2;
PSID TheSID = NULL;
LPTSTR pSid = L;
SidSize = SECURITY_MAX_SID_SIZE;
wprintf(LCreate a well known \WinLocalSystemSid\ SID.\n);
wprintf(L--------------------------------------------\n);
// Allocate ample buffer for the largest possible SID.
if(!(TheSID = LocalAlloc(LMEM_FIXED, SidSize)))
{
wprintf(LCould not allocate buffer, error %u.\n, GetLastError());
// Just exit
exit(1);
}
else
wprintf(LBuffer allocated for TheSID successfully.\n);
// Create a SID for the Local system on the local computer.
if(!CreateWellKnownSid(
WinLocalSystemSid, // Well known Local system SID
NULL, // Domain SID, NULL for local computer
TheSID, // Pointer to memory for new SID
&SidSize // Pointer in DWORD the number of byte of TheSid
))
{
wprintf(LCreateWellKnownSid() failed, error %u.\n, GetLastError());
}
else
{
wprintf(LCreateWellKnownSid() for Local system is OK.\n);
wprintf(L\nConvert the \WinLocalSystemSid\ SID to string SID.\n);
wprintf(L--------------------------------------------------\n);
// Get the string version of the SID (S-R-I-I...)
if(!(ConvertSidToStringSid(
TheSID, // Pointer to the SID structure to be converted
&pSid))) // Pointer to variable that receives the null-terminated SID string
{
wprintf(LConvertSidToStringSid() failed, error %u\n, GetLastError());
exit(1);
}
else
{
wprintf(LConvertSidToStringSid() is OK.\n);
wprintf(LThe SID string for WinLocalSystemSid is: %s\n, pSid);
}
}
if(IsValidSid(TheSID))
wprintf(LThe SID is valid!\n);
else
wprintf(LThe SID is not valid!\n);
//**********************************************************
// TODO: Then, use the string SID as needed.
// ...
// When done, don't forget to release the buffer used.
//**********************************************************
if(LocalFree(TheSID) == NULL)
wprintf(LTheSID buffer was freed up...\n);
else
wprintf(LFailed to free up TheSID buffer, error %u\n, GetLastError());
//************************************************************
LPTSTR StringSid = LS-1-5-18; // or SY - a well known Local System
PSID TheSID2 = NULL;
SidSize2 = SECURITY_MAX_SID_SIZE;
// S-R-5-18 and equal to...
// SECURITY_NT_AUTHORITY\\SECURITY_LOCAL_SYSTEM_RID
// But they are stored as in binary format in a SID structure
wprintf(L\nConvert the \S-1-5-18\ string SID to SID and then reconvert.\n);
wprintf(L------------------------------------------------------------\n);
if(!(TheSID2 = LocalAlloc(LMEM_FIXED, SidSize2)))
{
wprintf(LCould not allocate buffer for TheSID2, error %u.\n, GetLastError());
exit(1);
}
else
wprintf(LBuffer allocated for TheSID2 successfully.\n);
//*************************************************
if(!ConvertStringSidToSid(
StringSid, // Pointer to a null-terminated string containing the string-format SID to convert
&TheSID2)) // Pointer to a variable that receives a pointer to the converted SID
{
wprintf(LConvertStringSidToSid() for Local systemfailed, error %u\n, GetLastError());
exit(1);
}
else
{
wprintf(LConvertStringSidToSid() for Local system is OK.\n);
}
// Re-convert to string SID
if(!(ConvertSidToStringSid(
TheSID2, // Pointer to the SID structure to be converted
&StringSid))) // Pointer to variable that receives the null-terminated SID string
{
wprintf(LConvertSidToStringSid() again failed, error %u\n, GetLastError());
exit(1);
}
else
{
wprintf(LConvertSidToStringSid() is OK.\n);
wprintf(LThe SID string for WinLocalSystemSid is: %s\n, pSid);
}
if(IsWellKnownSid(TheSID2, WinLocalSystemSid))
wprintf(LThe SID is a well known SID!\n);
else
wprintf(LIsWellKnownSid() failed, error %u.\n, GetLastError());
//**************************************************
if(IsValidSid(TheSID2))
wprintf(LThe SID is valid!\n);
else
wprintf(LIsValidSid() failed, error %u\n, GetLastError());
if(LocalFree(TheSID2) == NULL)
wprintf(LBuffer for TheSID2 was freed up...\n);
else
wprintf(LFailed to free-up TheSID2 buffer...\n);
return 0;
}
Build and run the project. The following screenshot is a sample output.