Win32 account SID lookup if user and group have the same name?

Corinna Vinschen
Tue Feb 13 10:20:25 GMT 2024

On Feb 13 02:12, Dan Shelton via Cygwin wrote:
> Hello!
> How can I get the SID for either user XOR group if both have the same
> name? Remember Cygwin, as Unix and Linux, allow that a user "danfsh"
> can have his own group "danfsh". That works fine there, but on Win32
> there is only LookupAccountSidA() which has no way to distinguish
> whether you want a user SID or a group SID.

User and group "danfsh" are NOT a user and a group.  Rather, there is
actually only one user account "danfsh" and Windows fills in your user
token with the *same* SID as primary group.

The weird thing in Windows is that it has no strict concept of groups.
The user token contains primary and supplementary group info, but the OS
can fill them with basically any SID it can lay its hands on.

And at one point (I'm deliberately vague here since I don't know exactly
when this occured), Microsoft started to fill in the primary group of
some local account with the user SID, rather than with the "None"(*)
group as is usually the default for local accounts.

(*) That's the local domain SID with RID 513. The name of the group
    is actually localized.

> How can I get the SID for group "danfsh", or the SID for user "danfsh"?

It's the same SID and it's your user SID.  There can't be a group with
the same name as a user account in the same user DB.  Each account in
the local domain or in an AD domain has to have a unique account name.


