Account SIDs

Uncategorized

A question on the forum asked about finding the accounts and SIDs on the local machine.

function get-SID {
param (
 [string]$computername = $env:COMPUTERNAME
)
Get-WmiObject -Class Win32_AccountSID -ComputerName $computername |
foreach {
 $da =  (($_.Element).Split(".")[1]).Split(",")
 $sid = ($_.Setting -split "=")[1] -replace '"',''
 $props = [ordered]@{
 Domain = ($da[0] -split "=")[1] -replace '"',''
 Account = ($da[1] -split "=")[1] -replace '"',''
 SID = $sid
 }
 New-Object -TypeName PSObject -Property $props
}
}

Pass a computer name into the function – default is local machine.

Use the AccountSID class which links Win32_SystemAccount and Win32_SID.  For each returned instance clean up the data and create an object with three properties – domain, account and SID.

You will see more than you thought – some very useful information buried in there

Comments are closed.