PowerShell: Get SID from AD (Active Directory) User / Group using PowerShell

To get the SID of an AD Object (User, Group, whatever) quickly, i recommend using PowerShell.
When trying to get the SID using ADUC (Active Directory User and Computer Snap-in), you can not copy/paste the SID as a string since it is stored in a binary format.

ActiveDirectory_AttributeEditor_ObjectSID

ActiveDirectory_AttributeEditor_ObjectSID

ActiveDirectory_AttributeEditor_ObjectSID_Binary

ActiveDirectory_AttributeEditor_ObjectSID_Binary

Now, to get the SID (Security Identifier) for a specific (AD) Active Directory Object using PowerShell use:

$AdObj = New-Object System.Security.Principal.NTAccount("ObjectName")
$strSID = $AdObj.Translate([System.Security.Principal.SecurityIdentifier])
$strSID.Value


PowerShell_Get_SID

PowerShell_Get_SID

9 thoughts on “PowerShell: Get SID from AD (Active Directory) User / Group using PowerShell

  1. There is an error in this script,
    second line uses $objUser that doesn’t exists, change it by $AdObj
    $strSID = $AdObj.Translate([System.Security.Principal.SecurityIdentifier])

    Nice script

  2. Pingback: How to find the location of the user profile on the local disk - Yuval Sinay

  3. Pingback: Kleines VB / PowerShell Projekt | Dreadnik

  4. Here’s an up-arrow friendly two-liner:

    $name = “SampleSecurityGroup”
    (New-Object System.Security.Principal.NTAccount($name)).Translate([System.Security.Principal.SecurityIdentifier]).value

  5. Powershell.exe
    Import-module Activedirectory
    Get-ADGroup -identity “Groupname” | select SID

Leave a Reply

Your email address will not be published. Required fields are marked *