In a Windows environment, each domain and local user, a group or other security objects are assigned by a unique identifier – Security Identifier or SID. It is an SID, but not the user name, that is used to control access to different resources: network shares, registry keys, file system objects, etc. In this article we’ll show some simple ways to get SID by username and the reverse procedure – how to determine Windows username by SID.
To translate username to SID you can use an excellent tool from Sysinternals kit – PsGetSid. But you will have to download it and install on each computer manually.
It’s much easier to use the command prompt or Powershell script.
- How to Get SID of a Local User
- How to Convert Domain UserName to SID
- How to Convert a SID to User Name
How to Get SID of a Local User
To get the SID of the local account on a given computer, you may use wmic to get access to the WMI storage. For a local user test_user, the command will look like this:
wmic useraccount where name='test_user' get sid
In this example, the user SID is S-1-5-21-2235138519-3405886303-4046646730-1104
If you need to get the SID of the current user, run the following command:
wmic useraccount where name='%username%' get sid
In PowerShell, the script returning the same result can be written using two classes SecurityIdentifier and NTAccount.
$objUser = New-Object System.Security.Principal.NTAccount("LOCAL_USER_NAME") $strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier]) $strSID.Value
How to Convert Domain UserName to SID
The following command can be used to get an SID of the current domain account:
To get an SID of a domain user, you can use Get-ADUser cmdlet being a part of Active Directory Module for Windows PowerShell.
If you don’t have the AD Module for PowerShell, you can request data from the domain using PowerShell as follows:
$objUser = New-Object System.Security.Principal.NTAccount("horizon.local","lexh") $strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier]) $strSID.Value
The same command in one line:
(new-object security.principal.ntaccount “lexh").translate([security.principal.securityidentifier])
How to Convert a SID to User Name
To get the name of the user account by the SID (a reverse procedure), you can use one of the following commands:
wmic useraccount where sid='S-1-5-21-2235138519-3405886303-4046646730-1104' get name
In PowerShell using AD Module for PowerShell:
Get-ADUser -Identity S-1-5-21-2235138519-3405886303-4046646730-1104
Or like this:
$objSID = New-Object System.Security.Principal.SecurityIdentifier ("S-1-5-21-2235138519-3405886303-4046646730-1104") $objUser = $objSID.Translate( [System.Security.Principal.NTAccount]) $objUser.Value