
WMI to lookup username from SID is slooooooooooooow


Dana

Mar 7, 2002, 11:46:21 AM
I'm using Willy's suggestions (thanks Willy) to do some account name lookups
by the SID on our domain. But it's very slow. I mean, it takes 15-20 minutes
to return a username when searching by SID. Pulling a SID by username is
quicker but still takes a few minutes.

Is this just the nature of the WMI beast? Maybe our PDC is just a pig?

Dana

Willy Denoyette [MVP]

Mar 7, 2002, 3:16:03 PM
It looks like you are querying the DC and ALL connected member servers, therefore I would ask you some questions.

I suppose the Domain is an NT4 domain, are the clients also running NT4?
How many user accounts do you have in the Domain?
How many machine accounts?

What does your query look like?

Did you ever try to use the wbemtest.exe utility (see system32\wbem) to execute the same query?

Why are you using WMI for this?

Willy.

"Dana" <da...@pelerin.com> wrote in message news:#Wlj1bfxBHA.2632@tkmsftngp07...

Dana

Mar 7, 2002, 4:14:20 PM
Willy, thanks for replying. To answer your questions:
- This is an NT4 domain; my program is running from my XP workstation (I hope
  that's what you meant)
- We have about 3000+ accounts and a few hundred groups
- I don't know how many machine accounts, 1000 possibly
- I'm querying individual users like this:

"SELECT Name FROM Win32_Account WHERE DOMAIN= \"" + domain + "\" AND SID=\"" + sid + "\""

I am doing this because I have a SQL database that contains the SIDs of my
users/groups for a certain reporting system we own. There are several
thousand SIDs in this database. The majority of the corresponding
users/groups exist in the domain, and the rest on a particular member
server. I want to query these SIDs from my database, retrieve the
usernames from the domain/member server and then use the resulting names to
create usage reports.

The problem is that I haven't been able to figure out a way to quickly
retrieve the user names from the domain/member server. I've looked at
pinvoke thinking it would be quicker than WMI but I've yet to get a grasp on
the marshalling concepts :-( At one point I had thought about just
retrieving the entire domain user list and storing it in a database that I
could then do my queries from, but it takes a good 15 minutes to get all the
names and I'd rather not do it that way because as soon as I get the list,
it's out of date. (But I'm getting desperate!)

Any suggestions you can give to accomplish this would be most appreciated.

Dana


"Willy Denoyette [MVP]" <willy.d...@pandora.be> wrote in message
news:ebi3BWhxBHA.2048@tkmsftngp03...

Willy Denoyette [MVP]

Mar 7, 2002, 4:59:20 PM
Dana,

Could you try with the following query:

"SELECT Name FROM Win32_UserAccount WHERE DOMAIN= \"" + domain + "\" AND SID=\"" + sid + "\""

The namespace should look like \\DCServerName\root\cimv2

(The server name of the DC !!)

Willy.


"Dana" <da...@pelerin.com> wrote in message news:#OgblxhxBHA.1648@tkmsftngp04...

Dana Pellerin

Mar 9, 2002, 9:36:06 PM
Hi Willy, I tried that and while it is pretty quick for pulling SIDs, it's
still really slow when pulling names (supplying the SID). I spoke with our
network guys and they seem to think it's something with the actual DC. I
don't see any other reason why it would be so slow. I've tested it with
local machines and the response is very quick.

Dana


"Willy Denoyette [MVP]" <willy.d...@pandora.be> wrote in message

news:#SghvPixBHA.2848@tkmsftngp05...

Mike Jenne [MS]

Apr 10, 2002, 1:06:22 AM
Short answer: I can't think of a better way to do this, unless you want to
mess with wrapping ADsSecurity.dll. Another option would be using the
LookupAccountSid Win32 API call.

Long Answer:
You made a comment about making a temp table, dumping all the SIDs from the
domain with their usernames into the table, and then doing a join. I would
think this would be a doable operation, because unless you are doing some
sort of domain migration, the SIDs should be statically mapped to a unique
user. This operation shouldn't take 15 minutes, because you will just "dump"
all user and group objects to a table, meaning there will be one search
operation with ~4000 objects returned, instead of ~4000 individual query
operations.


--

Mike Jenne
Atlanta, GA

This posting is provided "AS IS" with no warranties, and confers no rights.

"Dana Pellerin" <da...@pellerin.com> wrote in message
news:e4C7Ax9xBHA.2856@tkmsftngp05...
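
Added example, not code from any poster in this thread: a C# sketch of the "one search, many rows" approach described in the last reply, using one Win32_Account enumeration per server to build a SID-to-name map instead of one WMI query per SID. The class and method names are hypothetical, and the fallback uses the .NET `SecurityIdentifier.Translate` call (added after this thread was written) in place of a direct LookupAccountSid P/Invoke.

```csharp
using System;
using System.Collections.Generic;
using System.Management;            // requires a reference to System.Management
using System.Security.Principal;

static class SidNameCache            // hypothetical helper, not from the thread
{
    // Escape a value for use inside a single-quoted WQL string literal.
    static string WqlEscape(string s)
    {
        return s.Replace("\\", "\\\\").Replace("'", "\\'");
    }

    // One enumeration against the given server (the DC or the member server):
    // returns every account SID in 'domain' mapped to its account name.
    public static Dictionary<string, string> Load(string server, string domain)
    {
        var scope = new ManagementScope(@"\\" + server + @"\root\cimv2");
        var query = new ObjectQuery(
            "SELECT Name, SID FROM Win32_Account WHERE Domain = '" + WqlEscape(domain) + "'");
        var map = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);

        using (var searcher = new ManagementObjectSearcher(scope, query))
        using (ManagementObjectCollection results = searcher.Get())
        {
            foreach (ManagementBaseObject account in results)
            {
                var sid = account["SID"] as string;
                if (sid != null) map[sid] = account["Name"] as string;
            }
        }
        return map;
    }

    // Resolve from the in-memory map; on a miss (for example an account created
    // after the dump) translate that single SID. Returns null when unresolvable.
    // Note: the fallback yields "DOMAIN\name", the map yields the bare name.
    public static string Resolve(Dictionary<string, string> map, string sid)
    {
        string name;
        if (map.TryGetValue(sid, out name)) return name;
        try { return new SecurityIdentifier(sid).Translate(typeof(NTAccount)).Value; }
        catch (IdentityNotMappedException) { return null; }
        catch (ArgumentException) { return null; }   // malformed SID string
    }
}
```

Calling `Load` once for the domain controller and once for the member server, then running `Resolve` over the SIDs read from the reporting database, keeps the number of remote queries at two regardless of how many SIDs are stored.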
