Lookup and Translate Domain SIDs

by Awesomeoman · January 6, 2014

Translate Domain SIDs.ps1

A simple script today to perform a look up of an array of SIDs (Security Identifiers) against an Active Directory domain to check if the object exists or not. The components that perform the translation of the SID are from this Technet article Working with SIDs.

As the script executes, the results are printed to the console colour coded for success or failure.

Real time look up results colour coded for success and failure

# Import a text file containing the SIDs to lookup and create a blank output array
$colSId = get-content .\sids.txt
$output = @()

# Loop through each SID in the text file
foreach ($SID in $colSId) {

    # Blank array for the user object
    $user = @()

    # Create a new object using the System.Security.Principal.SecurityIdentifier class with a value of $sid
    $SID = new-object System.Security.Principal.SecurityIdentifier("$sid")

    # Using Try, Catch so we can record failed lookups as well as successful ones
    try {

        # The Translate method will lookup the SID for us against the current logged in AD domain
        $User = $SID.Translate( [System.Security.Principal.NTAccount] )

        # We will write to the console in Green to indicate success
        write-host -ForegroundColor Green "$SID translated to $($user.Value)"

        # Save the result into a variable for reporting later
        $LookupResult = $user.value

    # If the $sid.Translate fails, the script will enter the Catch statement here
    } catch {

        # We are going to assume the failure is because the SID wasn't found and print to the console in Red
        write-host -ForegroundColor Red "$sid not found"

        # And save the result into a variable for reporting on later
        $LookupResult = "Not found"
    }

    # Using my favoured output object method PSCustomObject we'll report on the result of the SID lookup
    $objResult = [PSCustomObject] @{
        "SID" 			= $SID
        "Test Result" 	= $LookupResult
    }

# And add the results of the PSCustomObject to another array so it can be exported, emailed, displayed on the console etc
$output += $objResult
}

# The loop is over, so we can export our results now
$output | export-csv .\SIDLookupResults.csv -NoTypeInformation

Lookup and Translate Domain SIDs

You may also like...

Leave a Reply Cancel reply

Lookup and Translate Domain SIDs

Translate Domain SIDs.ps1

Share this:

Like this:

You may also like...

Query servers for multiple processes running under a single user

Enable and set passwords for user accounts on bulk

Leave a Reply Cancel reply