Friday, October 30, 2015

Translating Any Principal Name to a SID in .NET

Windows security identifiers (SIDs) are represented in .NET by the SecurityIdentifier class in the System.Security.Principal namespace. .NET provides obvious ways of getting the SID of a real account (the Sid property on the UserPrincipal class) or of a well-known account like System (the SecurityIdentifier constructor that takes a WellKnownSidType). Neither of those methods, however, works for more esoteric principals like TrustedInstaller or for arbitrary user input.

A convenient way to get the SID that represents the account named by a string is to create a new NTAccount object. Then call Translate on that object, passing the Type object for SecurityIdentifier (which you can get in VB.NET with a GetType expression). That produces a real SecurityIdentifier instance that can be used wherever you need to identify a principal.
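
The following is an added example, not code from the original post. It wraps the NTAccount/Translate technique in a helper that copes with names that do not resolve, which matters when the string comes from user input. The helper name TryResolveSid and the sample names in Main are assumptions made for illustration.

```vbnet
Imports System
Imports System.Security.Principal

Module SidLookup
    ' Hypothetical helper: resolves an account name to a SID.
    ' Returns Nothing when the name cannot be mapped, instead of throwing.
    Function TryResolveSid(accountName As String) As SecurityIdentifier
        If String.IsNullOrWhiteSpace(accountName) Then Return Nothing
        Try
            Dim account As New NTAccount(accountName)
            ' Translate returns an IdentityReference; cast it to the requested type.
            Return DirectCast(account.Translate(GetType(SecurityIdentifier)),
                              SecurityIdentifier)
        Catch ex As IdentityNotMappedException
            ' No local or domain principal matches this name.
            Return Nothing
        Catch ex As ArgumentException
            ' NTAccount rejects names that are too long.
            Return Nothing
        End Try
    End Function

    Sub Main()
        ' Constructed sample input: a service principal, a well-known account,
        ' a built-in group, and a name that should not exist.
        Dim names = {"NT SERVICE\TrustedInstaller", "SYSTEM",
                     "BUILTIN\Administrators", "no-such-account-example"}
        For Each name In names
            Dim sid = TryResolveSid(name)
            If sid Is Nothing Then
                Console.WriteLine("{0}: not mapped", name)
            Else
                ' Translating back gives the canonical name the system uses,
                ' which may differ in form from what the caller typed.
                Dim canonical = sid.Translate(GetType(NTAccount))
                Console.WriteLine("{0} -> {1} ({2})", name, sid.Value, canonical.Value)
            End If
        Next
    End Sub
End Module
```

When the result feeds an access-control decision, compare the SecurityIdentifier values rather than the name strings, since several spellings of a name can resolve to the same principal.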
