Directory Services

Getting the Domain Account-Style Name of a Group

Users, groups, computers, and other security principals can be represented in domain account form. Domain account (the logon name used in earlier versions of Windows NT®) has the following form:

domain\account

Where domain is the name of the Windows NT domain that contains the user and account is the samAccountName property of the specified user. For example: Fabrikam\jeffsmith.

The domain account form can specify the trustee in an ACE in a security descriptor. It is also used for the logon name on computers running Windows version NT 4.0 and earlier.

// Need to include the following headers to use DsGetDcName.
// #include <LMCONS.H>
// #include <Dsgetdc.h>
// #include <Lmapibuf.h>
// This function returns the previous version name of the security principal 
// specified by the distinguished name specified by szDN.
// The szDomain parameter should be NULL to use the current domain
// to get the name translation. Otherwise, specify the domain to use as the
// domain name (such as liliput) 
// or in dotted format (such as lilliput.Fabrikam.com).
HRESULT GetDownlevelName(LPOLESTR szDomainName, LPOLESTR szDN, LPOLESTR *ppNameString)
{
HRESULT hr = E_FAIL;
IADsNameTranslate *pNameTr = NULL;
IADs *pObject = NULL;
CComBSTR sbstrInitDomain = "";
 
if ((!szDN)||(!ppNameString))
{
	return hr;
}
 
// Use the current domain if none is specified.
if (!szDomainName)
{
	// Call DsGetDcName to get the name of this computer's domain.
	PDOMAIN_CONTROLLER_INFO DomainControllerInfo = NULL;
	DWORD dReturn = 0L;
	dReturn = DsGetDcName(  NULL,
				NULL,
				NULL,
				NULL,
				DS_DIRECTORY_SERVICE_REQUIRED,
				&DomainControllerInfo
	);
	if (dReturn==NO_ERROR)
	{
		sbstrInitDomain = DomainControllerInfo->DomainName;
		hr = S_OK;
}
 
	// Free the buffer.
	if (DomainControllerInfo)
		NetApiBufferFree(DomainControllerInfo);
}
else
{
	sbstrInitDomain = szDomainName;
	hr = S_OK;
}
 

if (SUCCEEDED(hr))
{
 
	// Create the COM object for the IADsNameTranslate object.
	hr  = CoCreateInstance( 
								CLSID_NameTranslate,
								NULL,
								CLSCTX_INPROC_SERVER,
								IID_IADsNameTranslate,
								(void **)&pNameTr
						);
	if (SUCCEEDED(hr))
	{
 
		// Initialize for the specified domain.
		hr = pNameTr->Init(ADS_NAME_INITTYPE_DOMAIN, sbstrInitDomain);
		if (SUCCEEDED(hr))
		{
			CComBSTR sbstrNameTr;

			hr = pNameTr->Set(ADS_NAME_TYPE_1779, CComBSTR(szDN));
			hr = pNameTr->Get(ADS_NAME_TYPE_NT4, &sbstrNameTr);
			if (SUCCEEDED(hr))
			{
				*ppNameString = (OLECHAR *)CoTaskMemAlloc (sizeof(OLECHAR)*(sbstrNameTr.Length() + 1));
				if (*ppNameString)
					wcscpy(*ppNameString, sbstrNameTr);
				else
					hr=E_FAIL;
		}
	}

		pNameTr->Release();
}
}
 
// Caller must call CoTaskMemFree to free ppNameString.
return hr;
}