Get User SID in Command Prompt or PowerShell

How to Get Windows User SID

For system administrators, querying information about the environment and configuration is an everyday job. One such piece of information is the Security Identifier (SID), which Windows uses to identify users and groups. User names on a network can be duplicated, so to avoid conflicts each user is assigned a unique SID.

When assigning user rights, Windows uses the SID defined for that purpose. A SID is roughly similar to a Globally Unique Identifier (GUID) that each object in Windows owns. However, only security-relevant objects receive a SID, because the SID is used to verify authenticity.

This SID identifies the user across the network. Even if the user's name is changed, the SID persists, and when the user on the network is deleted, the SID remains unchanged.

Structure of my SID

S-1-5-21-4147432549-3588766049-1627529166-1001

The SID (Security Identifier) tokens have the following meanings:

Token                               Meaning
S                                   It is a SID
1                                   Revision
5                                   Identifier Authority
18                                  System profiles
19                                  Localservice
20                                  Networkservice
21                                  User profile
4147432549-3588766049-1627529166    Domain ID, Computer ID
1001                                User ID (RID)

Table with SID of system accounts

Query SID of all user accounts

To get the SIDs of all user accounts, run the following command in a Command Prompt (Win+R, then cmd).

wmic useraccount get sid,name

All SIDs and user names are output.

C:\>wmic useraccount get sid,name
Name            SID
Administrator   S-1-5-21-4147432549-3588766049-1627529166-500
DefaultAccount  S-1-5-21-4147432549-3588766049-1627529166-503
John            S-1-5-21-4147432549-3588766049-1627529166-1001
Guest           S-1-5-21-4147432549-3588766049-1627529166-501

These are the SIDs of the local accounts. A query in a network domain may return more.

Computer and domain SIDs consist of a base SID and a relative ID (RID) appended to the base SID. If the computer belongs to a domain, another SID comes into play. The computer still has its own computer SID and local accounts and groups, but it is also a member of a domain and therefore has a SID that represents the computer account in that domain. The SID of a computer account consists of the SID of the administrator account minus the RID, that is, with the last 3 or 4 digits (500) omitted.
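The split into base SID and RID described above can be done without WMI. The following is an added example, not code from the original article; the function name Split-Sid is hypothetical, and the labels come from the table and the wmic output shown on this page.

```powershell
# Added example: break a SID string into the fields listed in the table above.
function Split-Sid {
    param([Parameter(Mandatory)][string]$Sid)

    # The .NET constructor validates the string and throws on malformed input,
    # for example when an en dash was pasted in place of a hyphen.
    $obj   = [System.Security.Principal.SecurityIdentifier]::new($Sid)
    $parts = $obj.Value -split '-'          # S, revision, authority, sub-authorities
    $sub   = @()
    if ($parts.Count -gt 3) { $sub = @($parts[3..($parts.Count - 1)]) }

    # Meaning of the first sub-authority under authority 5 (from the table above).
    $kinds = @{ '18' = 'System profiles'; '19' = 'Localservice'
                '20' = 'Networkservice';  '21' = 'User profile' }
    # RIDs of the built-in accounts that appear in the wmic output on this page.
    $builtin = @{ '500' = 'Administrator'; '501' = 'Guest'; '503' = 'DefaultAccount' }

    $kind = $null; $base = $null; $rid = $null; $ridName = $null
    if ($parts[2] -eq '5' -and $sub.Count -gt 0) { $kind = $kinds[$sub[0]] }

    # Account SIDs have the form S-1-5-21-<a>-<b>-<c>-<RID>:
    # everything before the last field is the base (domain or computer) SID.
    if ($parts[2] -eq '5' -and $sub.Count -eq 5 -and $sub[0] -eq '21') {
        $base    = $parts[0..6] -join '-'
        $rid     = [uint32]$sub[4]
        $ridName = $builtin[$sub[4]]
    }

    [pscustomobject]@{
        Sid          = $obj.Value
        Revision     = [int]$parts[1]
        Authority    = $parts[2]
        Kind         = $kind
        BaseSid      = $base
        Rid          = $rid
        BuiltinLabel = $ridName
    }
}

# The SID from this page, a system account SID, and the SID of the current user.
Split-Sid 'S-1-5-21-4147432549-3588766049-1627529166-1001'
Split-Sid 'S-1-5-18'
Split-Sid ([System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value)
```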

Query to get my own user SID

To query the SID of one specific user, such as your own user SID, use the following command.

wmic useraccount where name='%username%' get name,sid

If you want to know another user’s SID, you can specify a user instead of %username%, e.g., john.

The following command returns the SID of the user who is currently logged on in an AD domain.

wmic useraccount where (name='%username%' and domain='%userdomain%') get domain,name,sid

Conversely, it is also possible to query the user name that belongs to a SID.

wmic useraccount where sid='S-1-5-21-4147432549-3588766049-1627529166-1001' get name

Get user SID in the PowerShell

In PowerShell, the command to get the user SID looks like this.

[wmi] "win32_userAccount.Domain='$env:UserDomain',Name='$env:UserName'"

The user name and SID of the user logged on to the company domain are output.

PS C:\>[wmi] "win32_userAccount.Domain='$env:UserDomain',Name='$env:UserName'"

AccountType : 512
Caption     : company-john
Domain      : company
SID         : S-1-5-21-4147432549-3588766049-1627529166-1001
FullName    : john smith
Name        : john

For example, you can use the user SID to find the ProfileImagePath for the user profile in the registry in order to make repairs or adjustments. The user SID is also used as an ObjectID in SQL tables to identify and authorize users from Active Directory in an application, such as Dynamics AX.

You can use the SID to find the ProfileImagePath for the user profile in the registry under the following key.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
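The ProfileList lookup described above can be scripted for every profile at once, which also shows which keys need attention before a repair. This is an added example, not code from the original article; the function name Get-ProfileSidMap is hypothetical, and it assumes read access to HKLM on a Windows host.

```powershell
# Added example: map every SID under ProfileList to its ProfileImagePath.
$ProfileList = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'

function Get-ProfileSidMap {
    Get-ChildItem -Path $ProfileList | ForEach-Object {
        $keyName = $_.PSChildName
        # Windows appends ".bak" to a profile key it has set aside;
        # strip the suffix so the remainder can be parsed as a SID.
        $sidText = $keyName -replace '\.bak$', ''
        $path    = $_.GetValue('ProfileImagePath')

        $account = $null
        try {
            $sid     = [System.Security.Principal.SecurityIdentifier]::new($sidText)
            $account = $sid.Translate([System.Security.Principal.NTAccount]).Value
        } catch {
            # Either the key name is not a valid SID, or the SID no longer maps
            # to an account (deleted user, unreachable domain). Leave $account empty.
        }

        [pscustomobject]@{
            Sid         = $sidText
            Account     = $account
            ProfilePath = $path
            IsBackupKey = $keyName -ne $sidText
            PathExists  = [bool]($path -and (Test-Path -LiteralPath $path))
            Unresolved  = -not $account
        }
    }
}

# Resolved profiles first, then the ones whose SID has no matching account.
Get-ProfileSidMap | Sort-Object Unresolved, Sid | Format-Table -AutoSize
```

Rows with Unresolved or IsBackupKey set to True, or PathExists set to False, are the ones to check before editing a profile entry.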

Show Computer Name in the Taskbar

Display computer name right in the taskbar

Helpdesk and support administrators need to know which computer an employee is currently working on. Windows does not display the computer name on the desktop; finding it takes a trip to the system settings or typing commands in a prompt.

Add computer names in taskbar

An easy way to display the computer name in the taskbar is to create a new toolbar. Before that, a folder must be created by running the following command in a Command Prompt opened with Win+R, then cmd.

mkdir "%APPDATA%\%COMPUTERNAME%"

Now right-click the taskbar, choose Toolbars, and select New toolbar…

In the address field, enter %APPDATA% as the path, select the folder with the computer name in the Choose a folder window, then click the Select Folder button.

The computer name now appears in the taskbar. If the taskbar is not fixed, fix the taskbar with a right-click. The toolbar with the computer name can now be moved to the desired position.

Status information in netlogon script

In addition, status information about the authenticated user can be displayed along with the computer name in the taskbar. Insert the following lines into a batch file and call it from the netlogon script.

@echo off
REM Create the per-computer toolbar folder if it does not exist yet.
REM Paths are quoted so that a profile path containing spaces still works.
IF NOT EXIST "%APPDATA%\%COMPUTERNAME%\" (
    mkdir "%APPDATA%\%COMPUTERNAME%"
) ELSE (
    echo Directory %COMPUTERNAME% exists
)
REM Write the IP addresses, then the drives with free space, then the user SID to the status file.
PowerShell -ExecutionPolicy Unrestricted -Command "Get-NetIPAddress | Select-Object InterfaceIndex,InterfaceAlias,IPAddress | Sort-Object -Property InterfaceIndex | Out-File -FilePath $env:APPDATA\$env:COMPUTERNAME\$env:USERNAME.txt"
PowerShell -ExecutionPolicy Unrestricted -Command "Get-PSDrive | Where {$_.Free -gt 0} | Out-File -Append -FilePath $env:APPDATA\$env:COMPUTERNAME\$env:USERNAME.txt"
wmic useraccount where (name='%username%' and domain='%userdomain%') get domain,name,sid >> "%APPDATA%\%COMPUTERNAME%\%USERNAME%.txt"

$env:APPDATA\$env:COMPUTERNAME

The PowerShell script Set-StatusToolbar.ps1 creates the same directory and file as the batch file above.

# Folder shown as the taskbar toolbar, and the status file inside it.
$DirToCreate = "$env:APPDATA\$env:COMPUTERNAME"
$StatusFile  = Join-Path $DirToCreate "$env:USERNAME.txt"
if (!(Test-Path $DirToCreate -PathType Container)) {
    New-Item -ItemType Directory -Force -Path $DirToCreate
}
# Collect IP addresses, drives with free space, and the current user's account (including the SID).
$ifcfg = Get-NetIPAddress | Select-Object InterfaceIndex,InterfaceAlias,IPAddress | Sort-Object -Property InterfaceIndex
$drive = Get-PSDrive | Where-Object { $_.Free -gt 0 }
$usrid = [wmi] "win32_userAccount.Domain='$env:UserDomain',Name='$env:UserName'"
# Write the three sections to the status file, overwriting the previous content.
$ifcfg | Out-File -FilePath $StatusFile
$drive | Out-File -Append -FilePath $StatusFile
$usrid | Out-File -Append -FilePath $StatusFile

Run the PowerShell script .\Set-StatusToolbar.ps1

This post shows how helpdesk and support administrators can see at a glance the name of the computer that the user is currently working on. Windows is not set up to display the computer name on the desktop or taskbar. You must first go to System settings or type commands in a command prompt to find out what the computer is called. With this easy solution, the computer name is visible instantly without any clicks.
