Does a System.DirectoryServices.AccountManagement.Principal ever have a null GUID?

Question

I have a situation where I need to store a globally unique identifier that points to an Active Directory user account. I'm leaning towards the Guid because it is easier to store than the Sid.

According to the MSDN entry, the property (which is a Nullable), will always return null if the ContextType is set to "Machine." I don't need to worry about this because our ContextType will always be set to "Domain."

My question is, will this property ever return null if the ContextType is "Domain"? In other words, will an account in an AD DS store always have a Guid?

Answer 1

I don't have a definitive answer, but I wrote a simple console app that ran through all our Active Directory user accounts.

For us, at least, the answer is no. The Principal will always have a Guid, so long as the ContextType is "Domain"