Home > Active Directory, Microsoft, PowerShell > PowerShell: Get SID from AD (Active Directory) User / Group using PowerShell

PowerShell: Get SID from AD (Active Directory) User / Group using PowerShell

August 26th, 2009 christian Leave a comment Go to comments

To get the SID of an AD Object (User, Group, whatever) quickly, i recommend using PowerShell.
When trying to get the SID using ADUC (Active Directory User and Computer Snap-in), you can not copy/paste the SID as a string since it is stored in a binary format.

ActiveDirectory_AttributeEditor_ObjectSID

ActiveDirectory_AttributeEditor_ObjectSID_Binary

Now, to get the SID (Security Identifier) for a specific (AD) Active Directory Object using PowerShell use:

$AdObj = New-Object System.Security.Principal.NTAccount("ObjectName")
$strSID = $AdObj.Translate([System.Security.Principal.SecurityIdentifier])
$strSID.Value


PowerShell_Get_SID

Categories: Active Directory, Microsoft, PowerShell Tags:
  1. Alex
    March 11th, 2010 at 11:58 | #1
    Reply | Quote

    There is an error in this script,
    second line uses $objUser that doesn’t exists, change it by $AdObj
    $strSID = $AdObj.Translate([System.Security.Principal.SecurityIdentifier])

    Nice script

  2. christian
    March 11th, 2010 at 12:42 | #2
    Reply | Quote

    Thanks alot – i will instantly correct this!

  1. No trackbacks yet.
Notify me of follow-up comments via email.