List Users and Their SIDs

Mark Berry December 15, 2012

An incredibly useful one-liner:

wmic useraccount get domain,name,sid

Run that from an administrative command prompt while logged in as a domain admin to list all the users and their SIDs. Very handy when trying to decode security events, file permissions, etc. Credit goes to this article.

Other useful commands:

wmic sysaccount get domain,name,sid – list built-in accounts

wmic group get domain,name,sid – list Active Directory groups

Unfortunately, I haven’t been able to find a wmic command to list all the computer accounts in Active Directory. The closest I’ve come is a pair of PowerShell commands to translate a computer or user SID (from TechNet):

$objSID = New-Object System.Security.Principal.SecurityIdentifier `
    ("S-1-5-21-1454471165-1004335555-1606985555-5555")
$objSID.Translate([System.Security.Principal.NTAccount]).Value

Leave a Reply





*