Sunday, November 20, 2011

Turning SIDs into Real Names using PowerShell

 

PowerTip of the Day, from PowerShell.com:

Sometimes, you'd like to turn security identifiers (SIDs) into real names. Here is a function that can do this for you:

   1: function SID2Name($sid){
   2:  
   3:   $objSID = New-Object System.Security.Principal.SecurityIdentifier($sid)
   4:  
   5:   try {
   6:  
   7:   $objUser = $objSID.Translate( [System.Security.Principal.NTAccount])
   8:  
   9:   $objUser.Value
  10:  
  11:   } catch { $sid }
  12:  
  13: }

And, here is a show case for the function: to enumerate all profiles on your computer, you can read them from the Registry. However, all profiles are stored with SIDs only. Thanks to your new function, you can now display the real user names of everyone who has a profile on your machine:



   1: function Get-Profile {
   2:  
   3: $key = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'
   4:  
   5: dir $key -Name | ForEach-Object { SID2Name $_ }
   6:  
   7: }


Thanks to www.Powershell.com

2 comments:

  1. Anybody else having issues with this? I cannot get this to work. Both commands run with no errors but there is no output.

    ReplyDelete
  2. hi Kantopa
    I tested the Both scripts and they are working fine.

    In SID2Name function you need to provide the SID
    after loading function .

    SID2NAME S-1-5-21-13641068-1525752503-433219294-22087
    and this show you the name of user who own this SID id

    and in Get-Profile function you just need to type Get-Profile
    and it shows you the list of all profiles

    Note: I tested this on Windows7

    thanks
    aman

    ReplyDelete