[jcifs] Querying SIDs with NTLM + JCIFS 1.3.0

Michael B Allen ioplex at gmail.com
Fri Nov 14 20:48:39 GMT 2008


There's no code to resolve a name to a SID, only a SID to a name. It
would be necessary to add the correct IDL, create new classes in
jcifs.dcerpc.msrpc, modify the API, ... etc. I do not have time for
that. I'm very backed up here. Sorry.

If you figure out how to do it yourself, send us a patch and I'll put
it in the patches directory. There are probably other people that want
to do the same thing.

Mike

PS: You can also use LDAP to get the SID. It's the account's objectSid
attribute.

On Thu, Nov 13, 2008 at 3:32 PM, Tom Scheideck <scheidecker at hotmail.com> wrote:
> Hello,
>
> After authenticating a user via NTLM, how can I obtain the SID from the
> User, not the SID from the Domain?
>
> Note the code snippet. I can obtain the Domain SID from the
> NtlmPasswordAuthentication object but I cannot get the current user domain
> SID which is what I would like to get to fetch all the group SIDs related to
> it.
>
> I cannot use Active Directory for this, it is a new requirement for NTLM
> only.
>
> Also, any way to get the current user SID and all the Group SIDs for it from
> NTLM?
>
> I can get the Domain SID but that is it.
>
> I am using JCIFs 1.3.0 jar.
>
> In my code, I try to force SIDs by trying to loop all possibilities from RID
> 1120 and then call resolveSids.
>
> But, that does not work.
>
> Any light to this?
>
> Thanks in advance.
>
>
> try {
>     UniAddress myDomain = getPrimaryDomain(ip);
>     NTLMAuth = new NtlmPasswordAuthentication(domainName,userName,password);
>     SmbSession.logon(myDomain, NTLMAuth);
>     // after logging in, here's how to get the SID for the Domain
>     jcifs.smb.SID mySid = jcifs.smb.SID.getServerSid(hostName, NTLMAuth);
>     // this returns something like
>     // Sid Domain SID: S-1-5-21-796745780-2711697408-451074171
>     // trying to resolve SIDs this way DOES NOT work
>     SID[] sids = new SID[10];
>     sids[0] = mySid; // assigns domain SID???
>
>     jcifs.smb.SID.resolveSids(hostName, NTLMAuth, sids);
>
>     for (int i = 0; i < sids.length; i++ ) {
>         System.out.println("Sids["+i+"] Type: " +sids[i].getType());
>     }
>
>     // Second attempt, fails as well
>
>     String sidDomainId = ""+mySid.getDomainSid();
>
>     SID domsid = new SID(sidDomainId);
>     int rid = 1120;
>     int count = 150;
>
>     // distinct name: sids is already declared earlier in this block
>     SID[] ridSids = new SID[count];
>     for (int i = 0; i < ridSids.length; i++) {
>         ridSids[i] = new SID(domsid, rid++);
>     }
>     SID.resolveSids("ts0", null, ridSids);
>     for (int i = 0; i < ridSids.length; i++) {
>         System.out.println("My SIDs "+ridSids[i].toString());
>     }
>
>
> } catch (SmbException smbe) {
>     System.out.println("Failed to Authenticate: "+smbe.getMessage()+" NTStatus: "+smbe.getNtStatus());
> } catch (Exception e) {
>     System.out.println("Failed to Authenticate: "+e.getMessage());
> }



-- 
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/
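
The PS above points at the account's objectSid attribute; LDAP returns that value as raw bytes, which have to be decoded into the S-1-5-21-... string form before they can be compared with other SIDs. The following is an added example, not part of the original message or of jCIFS: the class and method names are hypothetical, and the sample bytes are constructed from the domain SID quoted in the thread with RID 1120 appended.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.util.Arrays;

public class ObjectSidDecoder {

    // With JNDI, list objectSid in the "java.naming.ldap.attributes.binary"
    // environment property so the attribute value arrives as byte[].

    /** Converts a binary objectSid value to its string form. */
    static String toSidString(byte[] sid) {
        if (sid == null || sid.length < 8) {
            throw new IllegalArgumentException("SID shorter than its 8-byte header");
        }
        int revision = sid[0] & 0xFF;
        int subAuthCount = sid[1] & 0xFF;
        if (subAuthCount > 15 || sid.length != 8 + 4 * subAuthCount) {
            throw new IllegalArgumentException("length does not match sub-authority count");
        }
        // Identifier authority: 48-bit big-endian integer
        long authority = 0;
        for (int i = 2; i < 8; i++) {
            authority = (authority << 8) | (sid[i] & 0xFF);
        }
        StringBuilder sb = new StringBuilder("S-").append(revision).append('-').append(authority);
        // Sub-authorities: unsigned 32-bit little-endian integers; the last one is the RID
        ByteBuffer buf = ByteBuffer.wrap(sid, 8, 4 * subAuthCount).order(ByteOrder.LITTLE_ENDIAN);
        for (int i = 0; i < subAuthCount; i++) {
            sb.append('-').append(buf.getInt() & 0xFFFFFFFFL);
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        // Constructed sample: domain SID from the thread plus RID 1120
        long[] subs = {21, 796745780L, 2711697408L, 451074171L, 1120};
        ByteBuffer b = ByteBuffer.allocate(8 + 4 * subs.length);
        b.put((byte) 1).put((byte) subs.length);
        b.put(new byte[] {0, 0, 0, 0, 0, 5});   // authority 5, big-endian
        b.order(ByteOrder.LITTLE_ENDIAN);
        for (long s : subs) b.putInt((int) s);
        System.out.println(toSidString(b.array()));
        // A truncated value is rejected rather than decoded into a wrong SID
        try {
            toSidString(Arrays.copyOf(b.array(), 20));
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```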

