Jump to content
MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. ×

How to get a user's SID?


 Share

Recommended Posts

How do you get a user's SID (security identifier)? I guess it changes for each installation, and I took a look at the getsid tool from Microsoft (which is less than useless for me.). The issue here is this:

For REGINI.EXE, it says to reference the current user, you need to put this in the file:

\Registry\User\User_SID (where User_SID is the current user's security identifier)

So, how do you find the SID? I'm thinking of writing a VBS program to do this.

Link to comment
Share on other sites


Yes.

After I did some more searching on Microsoft's website, I found the following information which might be usefull. It seems that some of the fields in the SIDs is non-changing. The S-1-5 indicates WinNT Authority, and the last group of numbers indicates the group or type of account, for administrators that number is 500. I'm still looking though.

Well Known SIDs

SID Appendix

Link to comment
Share on other sites

There are a couple that were left out..

S-1-2-0 Local

S-1-5-14 Remote Interactive Logon

S-1-5-19 LocalService

S-1-5-29 NetworkService

S-1-5-32-554 Pre-Windows 2000 Compatible Access

S-1-5-32-555 Remote Desktop Users

S-1-5-32-556 Network Configuration Operators

S-1-6 Site Server Authority

S-1-7 Internet Site Authority

S-1-8 Exchange Authority

S-1-9 Resource Manager Authority

Link to comment
Share on other sites

Here's a little bit of a breakdown of a SID

Ex: S-1-5-21-4512562456-1256505846-1569558059-500

The first character is always an S. It identifies it as a SID

The second number is the SID version.

The third number identifies the authority (5 is NT authority)

The forth set of numbers is the domain identifier, up to 500

The remainder is the account or group identifier.

Link to comment
Share on other sites

Interesting, but I'm not suprized. The information that I found is out of the Windows 2000 Server Resource Kit Documentation. It seems that the format of the registry key is broken down into sub-fields...

The Administrator SID on my system is as follows:

S-1-5-21-1202660629-1606980848-854245398-500

According to the documentation here, the breakout is as follows:

S-R-X-Y1-Y2-Y3-Y4...Yn-RD

S means that it's a SID

R - Revision Level

X - Authority Value

Y - Sub-Authority (Domain Identifier)

RD - Relative Identifier

It seems that the Y fields are somewhat unique to each system. I have 3 computers and for the administrator on all three, the y3 field is the same. I'm not sure what the significance of that is. Also, the last number, 500 is also the same. As to what 21 means in the y1 field, I have yet to find any documentation on that, although it seems that 32 means builtin (according to the page).

Something else that is interesting...I have found the username under the following key:

HKEY_USERS\S-1-5-21-1202660629-1606980848-854245398-500\Volatile Environment\

Inside there, there is a homepath value that contains the username.... Hmm.... I'm feeling inspired......

a = enumertate registry keys

for x = 0 to ubound(a)
 key = reg.getvalue a(x) & \Voltile Environment\HOMEPATH
 uidtemp = split(key, "\")
 uid = uidtemp(ubound(uidtemp))
 if (ubound(uidtemp) = 8 then uidclass = uidtemp(8) else uidclass = uidtemp(4)
next

Or something like that. It's psudeo code, but I think you get the idea...

Link to comment
Share on other sites

No third party tools required:

strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

Set objAccount = objWMIService.Get _
   ("Win32_UserAccount.Name='kenmyer',Domain='atl-ws-01'")
Wscript.Echo objAccount.SID

Win32_UserAccount.Name = USER YOU WANT SID FOR

Domain = EITHER LOCAL MACHINE NAME OR DOMAIN USER ACCOUNT IS IN

Link to comment
Share on other sites

  • 2 years later...

Hey,

I'm trying to write a script that will add permissions to the HKEY_CURRENT_USER hive to the Interactive User has Full Control, what has happened when we created staff user profiles the profile they were created from had this missing. Meaning when the logged onto a machine it couldn’t write to there personal registry.

So to fix this program I’m hoping to write a script which will run at logon to fix this problem. But I’m having trouble getting the script to run and was hoping someone here to help me please!

Set wshNetwork = CreateObject("WScript.Network")

strUser = wshNetwork.Username

strComputer = "."

Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

Set objAccount = objWMIService.Get _

("Win32_UserAccount.Name="""& strUser &""",Domain=""dnt1""")

strSID = objAccount.SID

Set objShell = CreateObject("WScript.Shell")

objShell.Run "E:\regini\regini '\Registry\User\' & strSID & '\ [1 5 13 17 21]'"

I'm not brilliant at scripts to please don’t slaughter me!! lol.

Any help would be appreciated!!

Rob

Link to comment
Share on other sites

I do not know if this will help you but here a script that list all the SID and the User Name, this is set to run on the Local Machine.

Option Explicit
Dim ColItems, ObjItem, Sid, strComputer, Wmi
strComputer = "."
Set Wmi = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")
Set ColItems = Wmi.ExecQuery("SELECT * FROM Win32_UserAccount",,48)
For Each ObjItem in ColItems
Sid = Sid & _
"SID " & vbTab & objItem.SID & vbCrLf &_
"Name" & vbTab & objItem.Name & vbCrLf & vbCrLf
Next
MsgBox Sid, 0 + 32, "Sid Values"

Notes

This set it to the local Machine

strComputer = "."

Use a Network Computer Name here or it IP Address to run on a Network Computer

strComputer = "COMPUTER_NAME OR IP_ADDRESS_HERE"

If you want a good tool to help you generate Code for WMI then use this Microsoft App to help you

Wmi Code Creator

Link to comment
Share on other sites

@Rob, you issue regini using a file as the parameter so you would need to write a file using your script, then run regini using that file as the parameter.

Attached is an XP batch file which should give you enough to complete your task. Basically it gets your SID, writes the ini file and invokes regini using it.

Note

Please do not just run this file as is!

Change lines 5-9 incl to suit your particular requirement

USID.zip

Link to comment
Share on other sites

Thanks Yzöwl, that bat file works!

Only one small problem now, the users I need it to run on only have limited access to the machine and I want to run this as a logon script. But how would I elevate the script to have admin permissions to complete successfully?!

Arrr this is driving me mad! But thanks for your help so far!!

Rob

Edited by Rob Fuller
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...