How to get a user's SID?

**Maelstorm** · April 11, 2005

How do you get a user's SID (security identifier)? I guess it changes for each installation, and I took a look at the getsid tool from Microsoft (which is less than useless for me.). The issue here is this:

For REGINI.EXE, it says to reference the current user, you need to put this in the file:

\Registry\User\User_SID (where User_SID is the current user's security identifier)

So, how do you find the SID? I'm thinking of writing a VBS program to do this.

**un4given1** · April 11, 2005

Are you looking to find the currently logged on user's SID?

**Maelstorm** · April 11, 2005

Yes.

After I did some more searching on Microsoft's website, I found the following information which might be usefull. It seems that some of the fields in the SIDs is non-changing. The S-1-5 indicates WinNT Authority, and the last group of numbers indicates the group or type of account, for administrators that number is 500. I'm still looking though.

Well Known SIDs

SID Appendix

**un4given1** · April 11, 2005

There are a couple that were left out..

S-1-2-0 Local

S-1-5-14 Remote Interactive Logon

S-1-5-19 LocalService

S-1-5-29 NetworkService

S-1-5-32-554 Pre-Windows 2000 Compatible Access

S-1-5-32-555 Remote Desktop Users

S-1-5-32-556 Network Configuration Operators

S-1-6 Site Server Authority

S-1-7 Internet Site Authority

S-1-8 Exchange Authority

S-1-9 Resource Manager Authority

**un4given1** · April 11, 2005

Here's a little bit of a breakdown of a SID

Ex: S-1-5-21-4512562456-1256505846-1569558059-500

The first character is always an S. It identifies it as a SID

The second number is the SID version.

The third number identifies the authority (5 is NT authority)

The forth set of numbers is the domain identifier, up to 500

The remainder is the account or group identifier.

**Maelstorm** · April 11, 2005

Interesting, but I'm not suprized. The information that I found is out of the Windows 2000 Server Resource Kit Documentation. It seems that the format of the registry key is broken down into sub-fields...

The Administrator SID on my system is as follows:

S-1-5-21-1202660629-1606980848-854245398-500

According to the documentation here, the breakout is as follows:

S-R-X-Y1-Y2-Y3-Y4...Yn-RD

S means that it's a SID

R - Revision Level

X - Authority Value

Y - Sub-Authority (Domain Identifier)

RD - Relative Identifier

It seems that the Y fields are somewhat unique to each system. I have 3 computers and for the administrator on all three, the y3 field is the same. I'm not sure what the significance of that is. Also, the last number, 500 is also the same. As to what 21 means in the y1 field, I have yet to find any documentation on that, although it seems that 32 means builtin (according to the page).

Something else that is interesting...I have found the username under the following key:

HKEY_USERS\S-1-5-21-1202660629-1606980848-854245398-500\Volatile Environment\

Inside there, there is a homepath value that contains the username.... Hmm.... I'm feeling inspired......

a = enumertate registry keys

for x = 0 to ubound(a)
  key = reg.getvalue a(x) & \Voltile Environment\HOMEPATH
  uidtemp = split(key, "\")
  uid = uidtemp(ubound(uidtemp))
  if (ubound(uidtemp) = 8 then uidclass = uidtemp(8) else uidclass = uidtemp(4)
next

Or something like that. It's psudeo code, but I think you get the idea...

**Gogol** · April 11, 2005

Take a look on that batch, it needs getsid.exe and administrative share active on C: drive.

If administrative share is disabled, try Sid2user.exe

Finaly if you dont need something working in unattended mode, ObjSid.exe works great too !

HTH

**Maelstorm** · April 11, 2005

If administrative share is disabled, try Sid2user.exe
Finaly if you dont need something working in unattended mode, ObjSid.exe works great too !
HTH
<{POST_SNAPBACK}>

Good find. This is exactly what I was looking for.

Thanks

**IcemanND** · April 11, 2005

No third party tools required:

strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

Set objAccount = objWMIService.Get _
    ("Win32_UserAccount.Name='kenmyer',Domain='atl-ws-01'")
Wscript.Echo objAccount.SID

Win32_UserAccount.Name = USER YOU WANT SID FOR

Domain = EITHER LOCAL MACHINE NAME OR DOMAIN USER ACCOUNT IS IN

**bledd** · April 11, 2005

get pstools from sysinternals, this has a getsid tool..

**Rob Fuller** · August 9, 2007

Hey,

I'm trying to write a script that will add permissions to the HKEY_CURRENT_USER hive to the Interactive User has Full Control, what has happened when we created staff user profiles the profile they were created from had this missing. Meaning when the logged onto a machine it couldn’t write to there personal registry.

So to fix this program I’m hoping to write a script which will run at logon to fix this problem. But I’m having trouble getting the script to run and was hoping someone here to help me please!

Set wshNetwork = CreateObject("WScript.Network")

strUser = wshNetwork.Username

strComputer = "."

Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

Set objAccount = objWMIService.Get _

("Win32_UserAccount.Name="""& strUser &""",Domain=""dnt1""")

strSID = objAccount.SID

Set objShell = CreateObject("WScript.Shell")

objShell.Run "E:\regini\regini '\Registry\User\' & strSID & '\ [1 5 13 17 21]'"

I'm not brilliant at scripts to please don’t slaughter me!! lol.

Any help would be appreciated!!

Rob

**gunsmokingman** · August 9, 2007

I do not know if this will help you but here a script that list all the SID and the User Name, this is set to run on the Local Machine.

Option Explicit
 Dim ColItems, ObjItem, Sid, strComputer, Wmi
 strComputer = "."
  Set Wmi = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2") 
  Set ColItems = Wmi.ExecQuery("SELECT * FROM Win32_UserAccount",,48) 
   For Each ObjItem in ColItems 
	Sid = Sid & _
	 "SID " & vbTab & objItem.SID & vbCrLf &_
	 "Name" & vbTab & objItem.Name & vbCrLf & vbCrLf
   Next
  MsgBox Sid, 0 + 32, "Sid Values"

Notes

This set it to the local Machine
strComputer = "."
Use a Network Computer Name here or it IP Address to run on a Network Computer
strComputer = "COMPUTER_NAME OR IP_ADDRESS_HERE"

If you want a good tool to help you generate Code for WMI then use this Microsoft App to help you

Wmi Code Creator

**Yzöwl** · August 9, 2007

@Rob, you issue regini using a file as the parameter so you would need to write a file using your script, then run regini using that file as the parameter.

Attached is an XP batch file which should give you enough to complete your task. Basically it gets your SID, writes the ini file and invokes regini using it.

Note

Please do not just run this file as is!

Change lines 5-9 incl to suit your particular requirement

USID.zip

**Rob Fuller** · August 10, 2007

Thanks Yzöwl, that bat file works!

Only one small problem now, the users I need it to run on only have limited access to the machine and I want to run this as a logon script. But how would I elevate the script to have admin permissions to complete successfully?!

Arrr this is driving me mad! But thanks for your help so far!!

Rob

Edited August 10, 2007 by Rob Fuller

Sign In

How to get a user's SID?

Recommended Posts

Maelstorm

un4given1

Maelstorm

un4given1

un4given1

Maelstorm

Gogol

Maelstorm

IcemanND

bledd

Rob Fuller

gunsmokingman

Yzöwl

Rob Fuller

Please sign in to comment

Recently Browsing 0 members

Activity

Browse