Re: Translate BUILTIN to domain name

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

BUILTIN is a special pseudo domain (like NT AUTHORITY) that correspond to
well known accounts with pre-defined SIDs.

You can just use use them as-is and shouldn't replace them by the local (or
another) domain name.

/LM


"Anders K. Olsen" <akol_dk@xxxxxxxxxxx> wrote in message
news:uyVZVTWLGHA.744@xxxxxxxxxxxxxxxxxxxxxxx
Hello group

I'm trying to list the users and groups who has read access to a file.

I use .NET 2.0 and FileInfo.GetAccessControl().GetAccessRules(...) and
then loop through the FileSystemAccessRule objects. Using these objects,
it is easy to use rule.IdentityReference.Translate(typeof(NTAccount)) to
get the NTAccount object.

I have noticed that some of the NTAccounts can belong to BUILTIN domains,
e.g. BUILTIN\Users. I need to translate this BUILTIN domain name to an
actual computer or domain name. Just like it is done when I click on the
Security tab of the file property dialog.

If it is on my local computer, I guess that I sould just translate it into
the local computer name. However, what should I do if it is on a remote
computer? If the remote computer is a Domain controller, it looks as if I
should translate it to <DOMAIN>\Users instead of <COMPUTERNAME>\Users.

My problem is, that i don't know if the file is a local file or on a
remote computer. And if I could fint out if it is a local or remote file,
how do I find out if it is on the domain controller?

If this is the wrong group to ask, then please let me know.

Thank you for your help

Regards
Anders



.