I know this question has been asked many times on SO, but none of them answer my question.
I know from studying for the Comptiat A+ that when using automated (unattended) installations techs always have to go back and change the MACHINE SID before the OS can be activated on each machine. There seems to be a lot of questions about how to get the SID with networks and such, but I know there is also a machine SID that cant be changed. For those of you who have used Fix-It Utilities boot disk, there is a button, "change SID" and that will make windows fail to boot if its already activated.
My question is similar to this one, but his question was never really answered. My question is, how do I get the MACHINE Windows Installation SID using c#.
Well, it depends which computer SID you want (seriously!). There's the SID that the local computer uses for itself... For this, you just need to get the SID of the local Administrator user, and remove the "-500" from the end to get the computer's SID.
In C# on .NET 3.5:
using System;
using System.Security.Principal;
using System.DirectoryServices;
using System.Linq;
public static SecurityIdentifier GetComputerSid()
{
return new SecurityIdentifier((byte[])new DirectoryEntry(string.Format("WinNT://{0},Computer", Environment.MachineName)).Children.Cast<DirectoryEntry>().First().InvokeGet("objectSID"), 0).AccountDomainSid;
}
On the other hand, there's the SID that Active Directory uses to identify each domain member computer... That one you fetch by getting the SID of the machine account in the domain--the one that ends with a dollar sign.