如何提取计算机/机器SID?

时间:2011-10-03 23:23:46

标签: delphi winapi registry sid

我正在寻找一种使用Delphi代码提取计算机SID的方法。 SysInternals有一个名为PsGetSid的工具可以做到这一点,但我不能在我的应用程序中使用它。我在Google中搜索了一个代码示例,但找不到。

如何在Delphi中实现这一目标?

请帮忙。

3 个答案:

答案 0 :(得分:9)

这是使用LookupAccountName WinAPi函数的示例,如@MikeKwan所示。

{$APPTYPE CONSOLE}

uses
  Windows,
  SysUtils;


function ConvertSidToStringSid(Sid: PSID; out StringSid: PChar): BOOL; stdcall;  external 'ADVAPI32.DLL' name {$IFDEF UNICODE} 'ConvertSidToStringSidW'{$ELSE} 'ConvertSidToStringSidA'{$ENDIF};

function SIDToString(ASID: PSID): string;
var
  StringSid : PChar;
begin
  if not ConvertSidToStringSid(ASID, StringSid) then
    RaiseLastWin32Error;

  Result := string(StringSid);
end;

function GetLocalComputerName: string;
var
  nSize: DWORD;
begin
  nSize := MAX_COMPUTERNAME_LENGTH + 1;
  SetLength(Result, nSize);
  if not GetComputerName(PChar(Result), {var}nSize) then
  begin
    Result := '';
    Exit;
  end;

  SetLength(Result, nSize);
end;

function GetComputerSID:string;
var
  Sid: PSID;
  cbSid: DWORD;
  cbReferencedDomainName : DWORD;
  ReferencedDomainName: string;
  peUse: SID_NAME_USE;
  Success: BOOL;
  lpSystemName : string;
  lpAccountName: string;
begin
  Sid:=nil;
  try
    lpSystemName:='';
    lpAccountName:=GetLocalComputerName;

    cbSid := 0;
    cbReferencedDomainName := 0;
    // First call to LookupAccountName to get the buffer sizes.
    Success := LookupAccountName(PChar(lpSystemName), PChar(lpAccountName), nil, cbSid, nil, cbReferencedDomainName, peUse);
    if (not Success) and (GetLastError = ERROR_INSUFFICIENT_BUFFER) then
    begin
      SetLength(ReferencedDomainName, cbReferencedDomainName);
      Sid := AllocMem(cbSid);
      // Second call to LookupAccountName to get the SID.
      Success := LookupAccountName(PChar(lpSystemName), PChar(lpAccountName), Sid, cbSid, PChar(ReferencedDomainName), cbReferencedDomainName, peUse);
      if not Success then
      begin
        FreeMem(Sid);
        Sid := nil;
        RaiseLastOSError;
      end
      else
        Result := SIDToString(Sid);
    end
    else
      RaiseLastOSError;
  finally
    if Assigned(Sid) then
     FreeMem(Sid);
  end;
end;


begin
 try
   Writeln(GetComputerSID);
 except
    on E:Exception do
        Writeln(E.Classname, ':', E.Message);
 end;
 Writeln('Press Enter to exit');
 Readln;
end.

答案 1 :(得分:4)

您可以使用Win32_Account WMI类,从用户帐户SID中提取计算机SID。

例如,对于SID为

的用户帐户
S-1-5-21-1299824301-1797996836-594316699-1009

机器SID将

S-1-5-21-1299824301-1797996836-594316699

检查此样本

program GetWMI_Info;

{$APPTYPE CONSOLE}

uses
  SysUtils,
  ActiveX,
  ComObj,
  Variants;

function  GetComputerSID:string;
const
  WbemUser            ='';
  WbemPassword        ='';
  WbemComputer        ='localhost';
  wbemFlagForwardOnly = $00000020;
var
  FSWbemLocator : OLEVariant;
  FWMIService   : OLEVariant;
  FWbemObjectSet: OLEVariant;
  FWbemObject   : OLEVariant;
  oEnum         : IEnumvariant;
  iValue        : LongWord;
begin;
  FSWbemLocator := CreateOleObject('WbemScripting.SWbemLocator');
  FWMIService   := FSWbemLocator.ConnectServer(WbemComputer, 'root\CIMV2', WbemUser, WbemPassword);
  FWbemObjectSet:= FWMIService.ExecQuery('SELECT SID FROM Win32_Account Where SIDType=1','WQL',wbemFlagForwardOnly);
  oEnum         := IUnknown(FWbemObjectSet._NewEnum) as IEnumVariant;
  if oEnum.Next(1, FWbemObject, iValue) = 0 then
  begin
    Result:=FWbemObject.SID;
    Result:=Copy(Result,1,LastDelimiter('-',Result)-1);
    FWbemObject:=Unassigned;
  end;
end;


begin
 try
    CoInitialize(nil);
    try
      Writeln(GetComputerSID);
    finally
      CoUninitialize;
    end;
 except
    on E:EOleException do
        Writeln(Format('EOleException %s %x', [E.Message,E.ErrorCode]));
    on E:Exception do
        Writeln(E.Classname, ':', E.Message);
 end;
 Writeln('Press Enter to exit');
 Readln;
end.

答案 2 :(得分:0)

您可以使用LookupAccountName获取它。传入NULL表示第一个参数,机器名称表示第二个参数。