I'm coding on top of some JNI libraries, and I don't really know the details about how they are doing it, but the output of lib is the windows domain user information with sid and sids... They look as shown below
sids: [
"S-1-5-21-2923429462-2395316905-2569861443-1123",
"S-1-5-32-545",
"S-1-5-2",
"S-1-5-5-0-79699478",
"S-1-5-11",
"S-1-1-0",
"S-1-5-15",
"S-1-18-1",
"S-1-5-21-2923429462-2395316905-2569861443-513"
],
sid: "S-1-5-21-2923429462-2395316905-2569861443-1123"
Issue
Can I get the information without a password but only with a user id?
Is the information changeable?
What are SIDs... I thought there's only one secure identifier.
I'll take a stab at it:
I understand that you're using a Java Native Interface but I'm not sure what other language you're using. If it is with Active Directory, Powershell is perfect for it, though, I'm not sure how it would work with a JNI.
Anyway, here is what I can gather. Each account has a specific Security Identifier, called a SID. There are well-known SIDs for the common accounts (Administrator, for example). Even local account and groups have SIDs, as with any in Active Directory.
If you want to translate a SID to an account, that isn't a problem. If you aren't using Powershell, at least this may give you a starting point:
$SID = New-Object System.Security.Principal.SecurityIdentifier("SID_GOES_HERE")
$user = $SID.Translate([System.Security.Principal.NTAccount])
$user.Value
You could feed each line into these 3 steps by putting it into a function like so:
Function SIDtoUser($SIDint) {
$SID = New-Object System.Security.Principal.SecurityIdentifier($SIDint)
$user = $SID.Translate([System.Security.Principal.NTAccount])
return $user.Value
}
Gather all of the SIDs into an array and run through them like this:
$SIDArray | %{
SIDtoUser($_)
}
I hope this helps. Let me know if I can assist any further.