none
Get current user's GUID

    Question

  • Hi,

    I'm going to integrate my application with Active Directory, so that if i add a Windows user to the app, he/she will not need to login with the app's credentials, pretty much like you have SQL server in mixed mode - you can use SQL login, or you can use windows authentication.
    So i figured out that for Windows users i shouldn't store the username but rather the objectGUID of that user, because if the user gets renamed it should seamlessly affect my app.
    Now, the problem is i can't figure out how to get currently logged in user's GUID without querying AD, because if i'm logged in but not on the network it will not find the DC to query.

    Any ideas?

    Thank you,
    Andrey
    Saturday, March 17, 2007 1:24 AM

Answers

  • Users have SIDs, not GUIDs.  To get the current user's SID use the following code:

    WindowsIdentity user = WindowsIdentity.GetCurrent();
    SecurityIdentifier sid = user.User;

    Michael Taylor - 3/19/07
    http://p3net.mvps.org

     

    Monday, March 19, 2007 1:01 PM

All replies

  • Users have SIDs, not GUIDs.  To get the current user's SID use the following code:

    WindowsIdentity user = WindowsIdentity.GetCurrent();
    SecurityIdentifier sid = user.User;

    Michael Taylor - 3/19/07
    http://p3net.mvps.org

     

    Monday, March 19, 2007 1:01 PM
  • Hi Michael,

    Active Directory user has both SID and objectGUID:

    http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/distrib/dsce_ctl_yicc.mspx?mfr=true

    I need to find a way to get user's GUID.

    Thank you,
    Andrey

    Monday, March 19, 2007 5:43 PM
  • Interesting idea but see no reason for that.
    Why don't use Domain User Groups, instead of adding every user to sql logins. With this method you will setup security of SQL with several number of groups and all management will be posible from Domain user managment.
    Monday, March 19, 2007 6:07 PM
  • I'm not doing anything with SQL logins - i talked about sql to give an example of mixed authentication. I'm going to map the application users to their windows logins, so that they can auto-login to my application. It will work like this: when you start the app and choose to user windows login, it will find your windows login, then from the database it will get the application login fo rthis windows login, and will log you into the app as that user.
    Monday, March 19, 2007 10:16 PM
  • Windows login ID's cannot be changed once created. It's enough for you to just store their login ID.
    Monday, March 19, 2007 11:19 PM
  •  Robert C. Barth wrote:
    Windows login ID's cannot be changed once created. It's enough for you to just store their login ID.

    Not true - i just tried and was able to easily change one of our domain's account logins...

    Tuesday, March 20, 2007 4:12 AM
  • I'm having the same issue. Were you ever able to access the user's GUID through SharePoint?
    Thursday, April 19, 2007 4:08 PM
  • Hey I know this is really old but I thought I'd mention this for anyone else attempting to obtain the GUID for the currently logged in domain user.

    In .Net 3.5 the UserPrinciple class was introduced under the System.DirectoryServices.AccountManagement namespace. It has a property for both getting the current UserPrinciple and the Guid from it.

     

    Example:

    using System.DirectoryServices.AccountManagement;
    
    
    Guid currentGuid = UserPrincipal.Current.Guid;
    

    • Proposed as answer by Fls'Zen Friday, September 02, 2011 2:18 PM
    Wednesday, September 29, 2010 9:38 PM