How to obtain a list of built-in users and default groups on the local machine

  • Question

  • Hi,

    I need to generate a list of all the Built-in security principals on my local machine. I can see some of this list if I open properties for any file or folder, switch to the Security tab, click on the Add button, Object Types button, uncheck all but Built-in security principals, type a letter ("A") and click on Check Names. In this case I would get "Anonymous Logon" and "Authenticated Users". Hopefully it can be done from System.DirectoryServices, but if I have to I can go the PInvoke way.

    Thanks


    Mario
    Friday, April 30, 2010 3:43 PM

Answers

  • Thanks for the quick reply.

    That will give me the users on the local machine, but not the Windows Built-in Users and Default Groups.

    See http://ss64.com/nt/syntax-security_groups.html

    I was able to make progress with this:

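        using System;
        using System.Collections.Generic;
        using System.Diagnostics;
        using System.Security.Principal;

        // Builds a SID for every WellKnownSidType value and returns the account
        // names of those that resolve on this machine.
        private List<string> CreateWellKnownSids()
        {
          List<string> sids = new List<string>();

          SecurityIdentifier sid;
          string sidName;
          foreach (WellKnownSidType sidType in Enum.GetValues(typeof(WellKnownSidType)))
          {
            try
            {
              // No domain SID is supplied, so the constructor throws for
              // domain-relative types; those are logged and skipped.
              sid = new SecurityIdentifier(sidType, null);
            }
            catch
            {
              Debug.WriteLine("failed to create: " + sidType.ToString());
              continue;
            }
            sidName = TranslateSid(sid);

            // Keep only the SIDs that translated to an account name.
            if (!string.IsNullOrEmpty(sidName))
              sids.Add(sidName);
          }

          return sids;
        }

        // Returns the NTAccount name for a SID, or an empty string if the SID
        // cannot be translated on this machine.
        private string TranslateSid(SecurityIdentifier sid)
        {
          string sidName = string.Empty;
          try
          {
            sidName = sid.Translate(typeof(NTAccount)).Value;
          }
          catch
          {
            Debug.WriteLine("failed to translate: " + sid.ToString());
          }
          return sidName;
        }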

    which returns

    NULL SID
    Everyone
    LOCAL
    CREATOR OWNER
    CREATOR GROUP
    CREATOR OWNER SERVER
    CREATOR GROUP SERVER
    NT AUTHORITY\DIALUP
    NT AUTHORITY\NETWORK
    NT AUTHORITY\BATCH
    NT AUTHORITY\INTERACTIVE
    NT AUTHORITY\SERVICE
    NT AUTHORITY\ANONYMOUS LOGON
    NT AUTHORITY\PROXY
    NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS
    NT AUTHORITY\SELF
    NT AUTHORITY\Authenticated Users
    NT AUTHORITY\RESTRICTED
    NT AUTHORITY\TERMINAL SERVER USER
    NT AUTHORITY\REMOTE INTERACTIVE LOGON
    NT AUTHORITY\SYSTEM
    NT AUTHORITY\LOCAL SERVICE
    NT AUTHORITY\NETWORK SERVICE
    BUILTIN\Administrators
    BUILTIN\Users
    BUILTIN\Guests
    BUILTIN\Power Users
    BUILTIN\Backup Operators
    BUILTIN\Replicator
    BUILTIN\Remote Desktop Users
    BUILTIN\Network Configuration Operators

    Mario
    • Proposed as answer by HamAndFig Friday, April 30, 2010 9:38 PM
    • Marked as answer by eryang Friday, May 21, 2010 7:29 AM
    Friday, April 30, 2010 5:36 PM
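
The answer above passes `null` as the domain SID, so domain-relative well-known types are skipped and only names are returned. The following added example (not the poster's code) goes one step further: it supplies the current user's account-domain SID and keeps the SID string beside each name, which is what an ACL review needs. The class name `WellKnownSidLister`, its `List` method and the choice of domain SID are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Principal;

static class WellKnownSidLister   // hypothetical name, Windows only
{
    // One "SID <tab> account name <tab> enum name" row per constructible type.
    public static List<string> List()
    {
        // Assumption: the current user's account-domain SID is the domain of
        // interest (machine SID for a local account). Null if not an account SID.
        var domainSid = WindowsIdentity.GetCurrent().User?.AccountDomainSid;
        var rows = new List<string>();
        // Distinct() because the enum can contain aliases with the same value.
        foreach (WellKnownSidType type in Enum.GetValues(typeof(WellKnownSidType))
                                              .Cast<WellKnownSidType>().Distinct())
        {
            SecurityIdentifier sid;
            try
            {
                sid = new SecurityIdentifier(type, domainSid);
            }
            catch (ArgumentException)
            {
                // Includes ArgumentNullException: a domain-relative type was
                // requested but no domain SID was available.
                continue;
            }

            string name;
            try
            {
                name = sid.Translate(typeof(NTAccount)).Value;
            }
            catch (SystemException ex)   // IdentityNotMappedException or lookup error
            {
                name = "(not translated: " + ex.GetType().Name + ")";
            }
            rows.Add(sid.Value + "\t" + name + "\t" + type);
        }
        return rows;
    }

    static void Main()
    {
        foreach (string row in List()) Console.WriteLine(row);
    }
}
```

Rows whose name reads "(not translated: ...)" are SIDs that exist as identifiers but have no account mapped on the machine where the code runs.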

All replies

  • Using the following code snippet will give you the list of users in the host box.

          using System;
          using System.DirectoryServices;

          // Bind to the local machine through the WinNT provider.
          DirectoryEntry directoryEntry = new DirectoryEntry("WinNT://" + Environment.MachineName);

          string output = string.Empty;

          // Keep only the child objects whose schema class is "User".
          foreach (DirectoryEntry child in directoryEntry.Children)
          {
            if (child.SchemaClassName == "User")
            { output += child.Name + Environment.NewLine; }
          }

          Console.WriteLine(output);
          Console.ReadLine();

    Be sure to add a reference to System.DirectoryServices.


    Friday, April 30, 2010 4:34 PM
  • Hi Mario,

    Glad to see that you have found a solution. If you have any concerns about it, please feel free to let us know.


    Sincerely,
    Eric
    MSDN Subscriber Support in Forum
    Tuesday, May 4, 2010 5:46 AM