

You can use the command PSGetSid from Microsoft's SysInternals team.

-u  Specifies optional user name for login to remote computer.
-p  Specifies optional password for user name. If you omit this you will be prompted to enter a hidden password.
Account  PsGetSid will report the SID for the specified user account rather than the computer.
SID  PsGetSid will report the account for the specified SID.
Computer  Direct PsGetSid to perform the command on the remote computer or computers specified. If you omit the computer name PsGetSid runs the command on the local system, and if you specify a wildcard (\\*), PsGetSid runs the command on all computers in the current
PsGetSid will execute the command on each of the computers listed in the file.

Example: psgetsid S-1-5-21-583907252-682003330-839522115-63941

Where the user is a domain/AD(LDAP) user, running this on any computer on the domain should give the same results.
Where the user is local to the machine the command should either be run on that machine, or you should specify the computer via the optional parameter.

If you use PowerShell, the following may be useful for resolving any AD users listed:

    #create a drive for HKEY USERS:
    New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS -ErrorAction SilentlyContinue
    #and return the related AD entry (should one exist).

You could also refine the SID filter further to only pull back those SIDs which will resolve to an AD account if you wished; more on the SID structure here:

The proper way to do this requires leveraging the SAM registry hive (on Windows 10, this requires NT AUTHORITY\SYSTEM privileges). The information you require is in the key: HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names. Each subkey is the username, and the default value in each subkey is a binary integer. This value (converted to decimal) actually corresponds to the last chunk of the SID. Take "Administrator" for example, by default it is associated with the integer 0x1f4 (or 500).
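
The SID-to-account lookup and the "last chunk of the SID" relationship described above can be seen together in the following added example, which is not code from the original answers. The function name Resolve-SidString and the regular expression used to pick out per-user SIDs are assumptions made for illustration; it reads HKEY_USERS through the Registry:: provider path, so no extra drive is needed.

```powershell
# Added example (not from the original answers): list the user SIDs that have a
# hive loaded under HKEY_USERS, resolve each to an account name, and show the RID.
function Resolve-SidString {   # hypothetical helper name
    param(
        [Parameter(Mandatory)]
        [string]$Sid
    )

    # Throws if the string is not a well-formed SID.
    $sidObject = [System.Security.Principal.SecurityIdentifier]::new($Sid)

    # The RID is the last dash-separated chunk of the SID
    # (500, i.e. 0x1f4, for the built-in Administrator account).
    $rid = [uint32]($Sid.Split('-')[-1])

    try {
        # Same lookup that "psgetsid <SID>" performs: SID -> DOMAIN\user or MACHINE\user.
        $account = $sidObject.Translate([System.Security.Principal.NTAccount]).Value
    }
    catch {
        # Deleted account, or the owning domain cannot be reached from this machine.
        $account = $null
    }

    [pscustomobject]@{
        Sid     = $Sid
        Rid     = $rid
        RidHex  = '0x{0:x}' -f $rid
        Account = $account
    }
}

# Keep only per-user SIDs of the form S-1-5-21-<three sub-authorities>-<RID>.
# This skips .DEFAULT, service SIDs such as S-1-5-18, and the *_Classes keys.
Get-ChildItem -Path Registry::HKEY_USERS |
    Where-Object { $_.PSChildName -match '^S-1-5-21-(\d+-){3}\d+$' } |
    ForEach-Object { Resolve-SidString -Sid $_.PSChildName }
```

Entries whose Account column is empty are profiles left behind by accounts that no longer resolve, which is usually the first thing to check when reviewing stale profiles on a host.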
