How to Convert SID to Username

In a Windows environment, each domain or local user, group, or other security object is assigned a unique identifier: the Security Identifier, or SID. It is the SID, not the user name, that is used to control access to resources such as network shares, registry keys, and file system objects. In this article we'll show some simple ways to get a SID by username and the reverse procedure: how to determine a Windows username by SID.

To translate a username to a SID you can use an excellent tool from the Sysinternals kit: PsGetSid. But you will have to download it and install it on each computer manually.

It's much easier to use the command prompt or a PowerShell script.

  • How to Get SID of a Local User
  • How to Convert Domain UserName to SID
  • How to Convert a SID to User Name

How to Get SID of a Local User

To get the SID of the local account on a given computer, you may use wmic to get access to the WMI storage. For a local user test_user, the command will look like this:

wmic useraccount where name='test_user' get sid

In this example, the user SID is S-1-5-21-2235138519-3405886303-4046646730-1104

If you need to get the SID of the current user, run the following command:

wmic useraccount where name='%username%' get sid

In PowerShell, the script returning the same result can be written using two classes SecurityIdentifier and NTAccount.

$objUser = New-Object System.Security.Principal.NTAccount("LOCAL_USER_NAME")

$strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier])

$strSID.Value

How to Convert Domain UserName to SID

The following command can be used to get an SID of the current domain account:

whoami /user

To get the SID of a domain user, you can use the Get-ADUser cmdlet, which is part of the Active Directory Module for Windows PowerShell.

If you don’t have the AD Module for PowerShell, you can request data from the domain using PowerShell as follows:

$objUser = New-Object System.Security.Principal.NTAccount("horizon.local","lexh")

$strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier])

$strSID.Value

The same command in one line:

(new-object security.principal.ntaccount "lexh").translate([security.principal.securityidentifier])

How to Convert a SID to User Name

To get the name of the user account by the SID (a reverse procedure), you can use one of the following commands:

wmic useraccount where sid='S-1-5-21-2235138519-3405886303-4046646730-1104' get name

In PowerShell using AD Module for PowerShell:

Get-ADUser -Identity S-1-5-21-2235138519-3405886303-4046646730-1104

Or like this:

$objSID = New-Object System.Security.Principal.SecurityIdentifier ("S-1-5-21-2235138519-3405886303-4046646730-1104")

$objUser = $objSID.Translate( [System.Security.Principal.NTAccount])

$objUser.Value
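
When SIDs are pulled in bulk from ACLs or event logs, some will not translate. The following added example (not part of the original article) wraps the Translate call shown above so that malformed strings and SIDs with no matching account are reported instead of stopping the script. The function name Resolve-SidToName, the Status values, and the sample list are assumptions made for illustration.

```powershell
function Resolve-SidToName {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [string[]]$Sid
    )
    process {
        foreach ($s in $Sid) {
            $row = [ordered]@{ Sid = $s; Account = $null; DomainSid = $null; Rid = $null; Status = 'Resolved' }
            try {
                # The constructor rejects strings that are not well-formed SIDs.
                $objSID = New-Object System.Security.Principal.SecurityIdentifier($s)
            } catch {
                $row.Status = 'InvalidSid'
                [pscustomobject]$row
                continue
            }
            # AccountDomainSid is $null for SIDs without a domain part (e.g. S-1-5-18).
            if ($objSID.AccountDomainSid) {
                $row.DomainSid = $objSID.AccountDomainSid.Value
                $row.Rid = ($objSID.Value -split '-')[-1]   # last sub-authority
            }
            try {
                $row.Account = $objSID.Translate([System.Security.Principal.NTAccount]).Value
            } catch {
                # Translate() throws IdentityNotMappedException when no account maps to the SID,
                # which is typical for deleted accounts still referenced in ACLs.
                $inner = $_.Exception.GetBaseException()
                if ($inner -is [System.Security.Principal.IdentityNotMappedException]) {
                    $row.Status = 'NotMapped'
                } else {
                    $row.Status = "LookupError: $($inner.Message)"
                }
            }
            [pscustomobject]$row
        }
    }
}

# Constructed sample input: the SID used in this article, the well-known
# Local System SID, and a deliberately malformed string.
$sample = @(
    'S-1-5-21-2235138519-3405886303-4046646730-1104',
    'S-1-5-18',
    'S-1-5-21-notasid'
)
$sample | Resolve-SidToName | Format-Table -AutoSize
```

Rows with Status NotMapped are worth reviewing, since they usually point at permissions still granted to an account that no longer exists.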
