我遇到了和你一样的问题。经过到处研究后,我终于找到了一个不错的解决方案来解决这个问题:这个想法是使用 WinAPI LookupAccountSid。
我已经针对域帐户和本地帐户对此进行了测试。
Domain\User、NT Authority\System、MachineName\Administrators 都可以工作。
请注意,我没有在那里放置任何异常处理。您可以判断哪种处理方式适合您的场景。要获取异常,您可以使用 System.Runtime.InteropServices.Marshal.GetLastWin32Error()
public enum PrincipalType
{
User,
Group
}
public bool TryGetPrincipalType(string domainQualifiedName, out PrincipalType type)
{
var name = new StringBuilder();
var cchName = (uint) name.Capacity;
var referencedDomainName = new StringBuilder();
var cchReferencedDomainName = (uint) referencedDomainName.Capacity;
SID_NAME_USE sidType;
var account = new NTAccount(domainQualifiedName);
var id = new SecurityIdentifier(account.Translate(typeof (SecurityIdentifier)).Value);
var sidBuffer = new byte[id.BinaryLength];
id.GetBinaryForm(sidBuffer, 0);
if (LookupAccountSid(null, sidBuffer, name, ref cchName, referencedDomainName,
ref cchReferencedDomainName, out sidType))
{
switch (sidType)
{
case SID_NAME_USE.SidTypeGroup:
case SID_NAME_USE.SidTypeWellKnownGroup:
case SID_NAME_USE.SidTypeAlias:
type = PrincipalType.Group;
return true;
case SID_NAME_USE.SidTypeUser:
type = PrincipalType.User;
return true;
}
}
type = default(PrincipalType);
return false;
}
private enum SID_NAME_USE
{
SidTypeUser = 1,
SidTypeGroup,
SidTypeDomain,
SidTypeAlias,
SidTypeWellKnownGroup,
SidTypeDeletedAccount,
SidTypeInvalid,
SidTypeUnknown,
SidTypeComputer
}
[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
private static extern bool LookupAccountSid(
string lpSystemName,
[MarshalAs(UnmanagedType.LPArray)] byte[] Sid,
StringBuilder lpName,
ref uint cchName,
StringBuilder ReferencedDomainName,
ref uint cchReferencedDomainName,
out SID_NAME_USE peUse);