Friday 30 December 2016

How to read or convert SIDs in Active Directory?

Or, Converting SID to readable Name/Object (Group or User).
Or, Converting User Name to SID or Converting Group Name to SID in Active Directory environment and Vice-versa.

Descriptions: Whenever it comes to managing Active Directory, every administrator are encountered with this situation someday to read the SIDs which are not in human readable format.

E.g. You were investigating the root cause of access rights breach and you thought to verify who all are having permission on some specific directories. You are able to read the name of some users which are appearing in human readable format but some of them are appearing in SID format. What to do???

Yes, you must convert the SID to human readable format to read it and this Article explains, how to do it.

Note: In Some cases, you might not get the result of SID to name conversion. That means, the SID can be a stale entry and the user associated with that SID is already deleted from AD.

Steps (Converting user name to SID):
Open Windows PowerShell as Administrator (run as Administrator).

Run the below command, Replace Techies_Sphere with user name you want.
$Name = “Techies_Sphere”

Now, run the command below, and you are done.
(New-Object System.Security.Principal.NTAccount($Name)).Translate([System.Security.Principal.SecurityIdentifier]).value

Now you have the SID (S-1-5-21-688589536-1868229280-2673097225-1108) details which is of User ID Techies_Sphere.

Steps (Converting SID to User Name):
Open Windows PowerShell as Administrator (run as Administrator).

Run the below command, replace ‘S-1-5-21-688589536-1868229280-2673097225-1108’ with the SID ID of yours.
$Name = “S-1-5-21-688589536-1868229280-2673097225-1108”

Now run the below command and you are done.
(New-Object System.Security.Principal.SecurityIdentifier($Name)).Translate([System.Security.Principal.NTAccount]).value

Now you have the User ID details(Techies_Sphere) which is of SID(S-1-5-21-688589536-1868229280-2673097225-1108).

Cheers, please write me back if you have any query or feedback on this...

No comments:

Post a Comment