I'm writing an application which I want to work with both Active Directory and local users and groups. I thought I could use the NativeGuid property of a DirectoryEntry as a unique identifier which was retrieved using the WinNT provider against LocalHost. However, using the following code in LinqPad I get the same NativeGuid for both entries. Querying Active Directory with the LDAP provider appears to yield unique results, but now I'm unsure.

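    // LinqPad statements; Dump() is LinqPad's output extension method.
    // Bind to a local account through the WinNT provider and print its NativeGuid.
    System.DirectoryServices.DirectoryEntry localuserde =
        new System.DirectoryServices.DirectoryEntry("WinNT://localhost/localuser");
    localuserde.NativeGuid.Dump("localUser Guid");

    // Same for the local administrator account; the value printed is identical.
    System.DirectoryServices.DirectoryEntry adminde =
        new System.DirectoryServices.DirectoryEntry("WinNT://localhost/administrator");
    adminde.NativeGuid.Dump("administrator Guid");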

Can someone please explain what the NativeGuid represents when using the WinNT provider, and is there a good alternative for a uniqueId or is the SID a better choice?

To run the above in LinqPad hit F4 and add System.DirectoryServices.dll to the list of assemblies. Then make sure that localuser either exists or change the name to a local user on the system. Then hit F5.

Thanks,

Shane Holder

A: 

This other question says not to use NativeGuid. I would use the "SID" instead.

David

A:

I would think the SID is probably your best bet in any user- and group-related scenario here. There's really no other unique identifier - especially not with the WinNT provider.

For more info on the WinNT vs. LDAP discussion and for great reference Excel sheets on what properties each of those providers really expose (and what their names are), visit Richard Mueller's Hilltop Lab. Richard is an ADSI MVP and has excellent content for anyone interested in Active Directory and LDAP.

Marc

marc_s
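
Both answers point to the SID; the following is an added example, not code from any of the posts above, showing how to read it for the question's two local accounts through the WinNT provider and cross-check it with an NTAccount lookup. The class and method names are illustrative, and it assumes a Windows machine where both accounts exist under those names.

```csharp
// Added example (not from the original posts). Windows only;
// reference System.DirectoryServices.dll.
using System;
using System.DirectoryServices;
using System.Security.Principal;

static class SidLookup   // hypothetical helper name
{
    // Reads objectSid through an ADSI path (WinNT:// or LDAP://) and returns
    // it as a SecurityIdentifier, or null when the entry exposes no SID.
    // Binding throws a COMException if the account does not exist.
    public static SecurityIdentifier FromAdsPath(string adsPath)
    {
        using (var entry = new DirectoryEntry(adsPath))
        {
            var raw = entry.Properties["objectSid"].Value as byte[];
            return raw == null ? null : new SecurityIdentifier(raw, 0);
        }
    }

    // Resolves the SID by account name lookup, without going through ADSI.
    public static SecurityIdentifier FromAccountName(string authority, string name)
    {
        var account = new NTAccount(authority, name);
        return (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier));
    }

    static void Main()
    {
        string machine = Environment.MachineName;
        // "localuser" is the question's placeholder account name.
        foreach (var name in new[] { "localuser", "administrator" })
        {
            var viaAdsi = FromAdsPath("WinNT://" + machine + "/" + name + ",user");
            if (viaAdsi == null)
            {
                Console.WriteLine("{0}: no objectSid returned", name);
                continue;
            }
            var viaLookup = FromAccountName(machine, name);
            Console.WriteLine("{0}: {1}", name, viaAdsi.Value);
            Console.WriteLine("  matches NTAccount lookup: {0}", viaAdsi == viaLookup);
            // The built-in Administrator keeps RID 500 even after a rename.
            Console.WriteLine("  built-in Administrator: {0}",
                viaAdsi.IsWellKnown(WellKnownSidType.AccountAdministratorSid));
        }
    }
}
```

Store the string form (`SecurityIdentifier.Value`) as the key; unlike the account name, it does not change when the account is renamed.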