PRB: LookupAccountName Returns Machine SID Instead of User SI (185246)

SYMPTOMS

If you run an application that calls the LookupAccountName() API on a machine with the same name as the user you are trying to lookup, the API returns the SID of the machine instead of the SID of the user.

For example, you have a machine named FOO and a user named FOO, and you execute the following on the machine FOO:

   LookupAccountName(
     NULL,                   // Machine to lookup account on.
     "foo",                  // Address of string for account name.
     Sid,                    // Address of security identifier.
     cbSid,                  // Address of size of security identifier.
     ReferencedDomainName,   // Address of string for referenced domain.
     cbReferencedDomainName, // Address of size of domain string.
     peUse                   // Address of SID-type indicator.
     );

The SID that is returned will be of the machine FOO, not the user FOO. This same problem occurs when there is a local group with the same name as the machine.

RESOLUTION

You can insure that LookupAccountName() API will look up the user or group by specifying the name in the form machine\name. Use one of the following methods to determine if this is necessary:

In the case described above, the peUse variable will be SidTypeDomain instead of SidTypeUser or SidTypeGroup, as you would expect. On return from the function, check to see if the SID is SidTypeDomain, and if that is the case, call the function again specifying "machinename\\username" as the lpAccountName parameter to LookupAccountName.
Call GetComputerName() before calling LookupAccountName. If the computer name matches the user name to lookup, use "machinename\\username".

PRB: LookupAccountName Returns Machine SID Instead of User SI (185246)

SYMPTOMS

RESOLUTION

STATUS