PsGetSid Example
PsGetSid Switches
1. Create a text file name computer.txt with the server, workstation or notebook computer netbios name that you intend to run against it. Following is the example running against two computer name.
C:\>psgetsid @computer.txt
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - www.sysinternals.com
\\ServerA:
SID for \\ServerA:
S-1-5-21-3670764836-4151680273-2531598496
\\ServerB:
SID for \\ServerB:
S-1-5-21-193886556-2713081133-4095546049
2. If you intend to gather all computer account that join to domain. You may issue the following command.
C:\>psgetsid \\*
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - www.sysinternals.com
Enumerating domain...
\\ServerC:
SID for \\ServerC:
S-1-5-21-1801674531-1383384898-839522115
\\WorkstationD:
SID for \\WorkstationD:
S-1-5-21-2104832783-3719506727-1611200576
.
.
.
etc
3. You can also retrieve your domain SID as shown.
C:\>psgetsid dOMAIN
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - www.sysinternals.com
SID for DOMAIN\dOMAIN:
S-1-5-21-3641441938-2838103238-4253977233
4. Get the SID for the currently logged in user to a system.
C:\>psgetsid %username%
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - www.sysinternals.com
SID for Workstation\UserA:
S-1-5-21-1659004503-1580436677-854245398-1020
5. Get the SID account of authentication system or domain users.
C:\>psgetsid DOMAIN\ServerE$
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - www.sysinternals.com
SID for DOMAIN\ServerE$:
S-1-5-21-3641441938-2838103257-4253977233-4925
6. Get the SID account of domain groups.
C:\>psgetsid DOMAIN\Domain_Group
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - www.sysinternals.com
SID for DOMAIN\Domain_Group:
S-1-5-21-3641441938-2838103247-4253977233-5898
7. I would recommend that you use the dsquery.exe command if you intend to bulk export of active directory (AD) User account or group SIDs. Following is the example.
Export AD User SID.
| C:\>dsquery user -limit 0 | dsget user -samid -sid > sid.txt | |
| samid | sid |
| UserA | S-1-5-21-3641441938-2838103237-4253977231-7774 |
| UserB | S-1-5-21-3641441938-2838103237-4253977231-6363 |
| UserC | S-1-5-21-3641441938-2838103237-4253977231-3361 |
| UserD | S-1-5-21-3641441938-2838103237-4253977231-3437 |
| . | |
| . | |
| etc | |
| dsget succeeded | |
Export AD Grouping SID.
| C:/>dsquery group -limit 0 | dsget group -samid -sid > group.txt | |
| samid | sid |
| GroupOne | S-1-5-21-3641441938-2838103237-4253977231-5461 |
| GroupTwo | S-1-5-21-3641441938-2838103237-4253977231-4844 |
| GroupThree | S-1-5-21-3641441938-2838103237-4253977231-5462 |
| GroupFour | S-1-5-21-3641441938-2838103237-4253977231-2690 |
| . | |
| . | |
| etc | |
| dsget succeeded | |
0 comments:
Post a Comment