
@Yvand
Created July 25, 2023 13:21
Inspect specified Windows users on specified web applications, to ensure that their SID has the expected value, and update it if desired, in the scope of the content database only (the change is not farm wide)
using Microsoft.SharePoint.Administration;
using Microsoft.SharePoint.Administration.Claims;
using System;
using System.Collections.Generic;
using System.Linq;
namespace InspectUsersId
{
/// <summary>
/// One Windows account to inspect, paired with the SID it is expected to carry.
/// </summary>
internal class UserAccount
{
    /// <summary>SID the account is expected to have, in string form (for example "S-1-5-21-...").</summary>
    public string ExpectedSID
    {
        get;
        set;
    }

    /// <summary>Account login in "domain\user" form.</summary>
    public string Login
    {
        get;
        set;
    }
}
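/// <summary>
/// Console tool that walks the users stored in the content databases of the configured
/// web applications and, for the Windows accounts listed in <see cref="UserAccountsToVerify"/>,
/// reports (or rewrites) a stored SID that differs from the expected one.
/// </summary>
/// <remarks>
/// The SID written here becomes the key under which the content database identifies the user,
/// so every <see cref="UserAccount.ExpectedSID"/> should be confirmed against the directory
/// before <see cref="Whatif"/> is switched off. Keep the console output of a real run as the
/// record of what was changed.
/// </remarks>
internal class Program : IMigrateEntityForWebApplicationCallback
{
    // When true, mismatches are only reported and nothing is written (see ConvertEntity).
    static bool Whatif = true;

    // Web applications whose content databases are inspected.
    static string[] WebAppsToProcess = { "http://spsites", "https://anon.contoso.local/" };

    // Accounts to check. Any Windows user that is not listed here is skipped.
    List<UserAccount> UserAccountsToVerify = new List<UserAccount>
    {
        new UserAccount {Login = "contoso\\user1", ExpectedSID = "S-1-5-21-2647467245-1611586658-188888215-9101"},
        new UserAccount {Login = "contoso\\user4", ExpectedSID = "S-1-5-21-2647467245-1611586658-188888215-16101"},
    };

    /// <summary>
    /// Runs the inspection over every content database of each configured web application.
    /// </summary>
    /// <param name="args">Unused.</param>
    static void Main(string[] args)
    {
        //WebAppsToProcess = new string[] { "https://anon.contoso.local/" };
        //Whatif = false;
        Program migrator = new Program();
        foreach (string url in WebAppsToProcess)
        {
            SPWebApplication webApp = SPWebApplication.Lookup(new Uri(url));
            if (webApp == null || webApp.ContentDatabases.Count == 0) { continue; }

            // Fresh parameters per web application: a shared instance would keep accumulating
            // the databases of the web applications processed earlier in the loop.
            SPMigrateEntitiesOperationParameters settings = new SPMigrateEntitiesOperationParameters();
            foreach (SPContentDatabase db in webApp.ContentDatabases)
            {
                settings.AddDatabaseToMigrate(db);
            }

            Console.WriteLine($"Processing web application '{webApp.Name}'");
            webApp.MigrateEntities(migrator, settings);
        }

        Console.WriteLine("Finished.");
        Console.ReadLine();
    }

    /// <summary>
    /// Migration callback: decides for one entity whether its stored SID must be replaced.
    /// </summary>
    /// <param name="context">Migration context; only <c>context.Site</c> is read, to name the content database in the log line.</param>
    /// <param name="entity">The entity being examined. Its migrated key and name are set only when a change is applied.</param>
    /// <returns>
    /// <see cref="SPMigrateEntityCallbackResult.Success"/> when the SID was rewritten; otherwise
    /// <see cref="SPMigrateEntityCallbackResult.Skipped"/> (non-Windows entity, account not listed,
    /// SID already correct, no expected SID configured, or what-if mode).
    /// </returns>
    public SPMigrateEntityCallbackResult ConvertEntity(SPClaimMigrationContext context, SPMigrationEntity entity)
    {
        // Prechecks to skip what is needed
        if (entity.NameClaim == null || entity.KeyClaim == null) { return SPMigrateEntityCallbackResult.Skipped; }
        SPOriginalIssuerType loginType = SPOriginalIssuers.GetIssuerType(entity.NameClaim.OriginalIssuer);
        if (loginType != SPOriginalIssuerType.Windows) { return SPMigrateEntityCallbackResult.Skipped; }

        // FirstOrDefault, not First: First throws InvalidOperationException for every Windows
        // user that is not in the list, which made the null check below unreachable.
        // Ordinal comparison: logins and SIDs are identifiers, so matching must not depend on
        // the culture of the machine the tool runs on.
        UserAccount userAccount = UserAccountsToVerify.FirstOrDefault(
            x => String.Equals(x.Login, entity.NameClaim.Value, StringComparison.OrdinalIgnoreCase));
        if (userAccount == null) { return SPMigrateEntityCallbackResult.Skipped; }

        // Never replace a stored key with an empty value because of an incomplete list entry.
        if (String.IsNullOrWhiteSpace(userAccount.ExpectedSID))
        {
            Console.WriteLine($"No expected SID configured for '{userAccount.Login}', entity left unchanged");
            return SPMigrateEntityCallbackResult.Skipped;
        }

        if (String.Equals(entity.KeyClaim.Value, userAccount.ExpectedSID, StringComparison.OrdinalIgnoreCase)) { return SPMigrateEntityCallbackResult.Skipped; }

        // Same claim type, value type and issuer as the stored key; only the SID value changes.
        SPClaim newKey = new SPClaim(entity.KeyClaim.ClaimType, userAccount.ExpectedSID, entity.KeyClaim.ValueType, entity.KeyClaim.OriginalIssuer);
        string contentdb = context.Site != null ? context.Site.ContentDatabase.Name : "null";

        if (Whatif)
        {
            Console.WriteLine($"[{contentdb}] Would change the SID of entity '{entity.NameClaim.Value}' from '{entity.KeyClaim.Value}' to '{newKey.Value}'");
            return SPMigrateEntityCallbackResult.Skipped;
        }

        Console.WriteLine($"[{contentdb}] Change the SID of entity '{entity.NameClaim.Value}' from '{entity.KeyClaim.Value}' to '{newKey.Value}'");
        entity.MigratedKey = SPClaimProviderManager.Local.EncodeClaim(newKey);
        entity.MigratedName = SPClaimProviderManager.Local.EncodeClaim(entity.NameClaim);
        return SPMigrateEntityCallbackResult.Success;
    }

    /// <summary>
    /// Interface member of <see cref="IMigrateEntityForWebApplicationCallback"/>; no per-web-application setup is needed.
    /// </summary>
    /// <param name="webApp">The web application about to be processed (unused).</param>
    /// <returns>Always <c>true</c>.</returns>
    public bool IntializaForWebApplication(SPWebApplication webApp)
    {
        return true;
    }
}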
}