We recently had a situation in which all we had was a user’s SID and we needed to figure out exactly who that was before making a change. Fortunately, the command to query Active Directory and return user information is quite easy:
Get-ADUser -Filter {SID -like "{SID}"}
For example:
Get-ADUser -Filter {SID -like "S-1-5-21-122221945-583333252-835566217-89123"}
returned Joe Lole as our owner of the SID
Note that you need to do this on a server with Active Directory Users and Computers (ADUC) installed or you will receive error:
Get-ADUser : The term 'Get-ADUser' is not recognized as the name of a cmdlet, function, script file, or operable program.
This website uses cookies.
View Comments