Query AD using SID

Welcome Forums General PowerShell Q&A Query AD using SID

This topic contains 2 replies, has 2 voices, and was last updated by

5 years, 4 months ago.

  • Author
  • #10371

    Points: 0
    Rank: Member

    Hey all,

    I have a group of CSV files that contains both AD groups and users and a SID for the group or user. I'm trying to create a new csv file that contains the user accounts from the original csv and the group members for the groups listed from the original csv.

    The csv data I'm using and the script I've got so far are below. It works to isolate the local everyone group and write the group members to the new csv files, but I'm lost at identifying if the SID belongs to a user or group. Is there an easy way to before an LDAP query for the objectclass of the SID and then run it through an IF/Elseif based on the object class?

    File name: accounting.csv
    Headers: User,SID

    $group=get-childitem C:\scripts\Csv_files\shares
    Foreach ($name in $Group) {
    # $GRP=$name
    $name.name | Select-Object -unique | %{New-Item -Path C:\scripts\Csv_files\share_permissions -Name "$_." -itemtype File}
    Foreach ($name in $group) {
    $grpsid= import-csv c:\scripts\csv_files\shares\$name
    $fileloc =$name.name

    If ($grpsid.user -eq "\Everyone") {
    $grpSID | export-csv $sharefilepath -Append -NoTypeInformation -Force
    ElseIf ($grpsid.user -ne "\Everyone") {
    Foreach ($user in $grpsid) {
    get-adgroupmember $user.sid | export-csv $sharefilepath -Append -NoTypeInformation -Force

    All constructive help is appreciated.

  • #10375

    Points: 0
    Rank: Member

    This seems to work for me (identifying object class based on SID):

    # Bogus SID placeholder
    $sid = S-1-5-21-1111111111-1111111111-11111111-1111
    $class = Get-ADObject -Filter "objectSid -eq '$sid'" | Select-Object -ExpandProperty objectClass
  • #10381

    Points: 0
    Rank: Member

    That is exactly what I was looking for. Thank you much and now I can keep moving forward.

The topic ‘Query AD using SID’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort