SID Query in Command Prompt and PowerShell


How to Check Windows User SID

For system administrators, querying information about the environment and configuration is an everyday job. One such piece of information is the Security Identifier (SID), which Windows uses to identify users and groups. Because user names on a network can be duplicated, each user is assigned a unique SID so that there is no conflict.

When assigning user rights, Windows uses the SID defined for that purpose. A SID is roughly similar to a Globally Unique Identifier (GUID) that each object in Windows owns. However, only security-relevant objects receive SIDs, because the SID is used to verify authenticity.

This SID identifies the user across the network. Even if the user’s name is changed, the SID persists; even if the user is deleted from the network, the SID is unchanged.

Structure of my SID


The SID (Security Identifier) tokens have the following meanings:

S                                  It is a SID
5                                  Identifier Authority
18                                 System profiles
21                                 User profile
4147432549-3588766049-1627529166   Domain ID, Computer ID
1001                               User ID (RID)

Table with SID of system accounts

SID Queries

If you want to query the SID of all user accounts, you can do so with the following command in a Command Prompt (Win+R, then cmd):

wmic useraccount get sid,name

All SIDs and user names are output.

C:\>wmic useraccount get sid,name
Name SID

Here are the SIDs of the local accounts. For a query in a network domain, there may be some more.

Computer and domain SIDs consist of a base SID and a relative ID (RID) appended to the base SID. If the computer belongs to a domain, another SID comes into play. The computer still has its own computer SID and local accounts and groups, but is also a member of a domain and therefore has a SID that represents the computer account in that domain. The SID of a computer account consists of the SID of the administrator account minus the RID, that is, with the last 3 or 4 digits (500) omitted.

If the SID of a specific user is to be queried, such as your own SID, this can be done with the following command.

wmic useraccount where name='%username%' get name,sid

If you want to know another user’s SID, you can specify a user instead of %username%, e.g., john.

The following command returns the SID of the user who is currently logged on in an AD domain.

wmic useraccount where (name='%username%' and domain='%userdomain%') get domain,name,sid

Conversely, it is also possible to query the user name that belongs to a SID.

wmic useraccount where sid='S-1-5-21-4147432549-3588766049-1627529166-1001' get name

In PowerShell, the query looks like this.

[wmi] "win32_userAccount.Domain='$env:UserDomain',Name='$env:UserName'"

The user name and SID of the user logged on to the company domain are output.

PS C:\>[wmi] "win32_userAccount.Domain='$env:UserDomain',Name='$env:UserName'"

AccountType : 512
Caption: company-john
Domain : company
SID : S-1-5-21-4147432549-3588766049-1627529166-1001
FullName : john smith
Name : john

For example, you can use the SID to find the ProfileImagePath for the user profile in the registry in order to make repairs or adjustments. The SID is also used as an ObjectID in SQL tables to identify and authorize users from Active Directory in an application, such as Dynamics AX.
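
The same lookups without wmic, which is deprecated on current Windows releases, as an added example that is not part of the original post: it splits a SID into the parts described above, resolves a SID to an account name and back, and reads ProfileImagePath from the ProfileList registry key. The function names are hypothetical helpers; the .NET classes, the Win32_UserAccount class and the registry path are standard Windows ones.

```powershell
# Added example; the function names are hypothetical helpers, not built-in cmdlets.
function Get-AccountSid {
    param([Parameter(Mandatory)][string]$Account)    # 'john' or 'company\john'
    $nt = New-Object System.Security.Principal.NTAccount($Account)
    $nt.Translate([System.Security.Principal.SecurityIdentifier]).Value
}

function Get-AccountName {
    param([Parameter(Mandatory)][string]$Sid)
    $s = New-Object System.Security.Principal.SecurityIdentifier($Sid)
    try   { $s.Translate([System.Security.Principal.NTAccount]).Value }
    catch [System.Security.Principal.IdentityNotMappedException] {
        $null    # orphaned SID: the account no longer exists or cannot be resolved
    }
}

function Split-Sid {
    param([Parameter(Mandatory)][string]$Sid)
    # The constructor throws on a malformed string, so bad input never goes further.
    $s = New-Object System.Security.Principal.SecurityIdentifier($Sid)
    $parts = $s.Value -split '-'
    [pscustomobject]@{
        Sid                 = $s.Value
        IdentifierAuthority = $parts[2]
        DomainOrComputerSid = $s.AccountDomainSid    # $null for SIDs such as S-1-5-18
        Rid                 = $parts[-1]             # last component of the SID
    }
}

function Get-ProfilePath {
    param([Parameter(Mandatory)][string]$Sid)
    # Validate and normalise the SID before building a registry path from it.
    $s   = New-Object System.Security.Principal.SecurityIdentifier($Sid)
    $key = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\$($s.Value)"
    if (Test-Path -LiteralPath $key) {
        (Get-ItemProperty -LiteralPath $key).ProfileImagePath
    }
}

# Usage: current user, then all local accounts (counterpart of "wmic useraccount get sid,name").
$me = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
Split-Sid $me
Get-AccountName $me
Get-ProfilePath $me
Get-CimInstance Win32_UserAccount -Filter "LocalAccount=True" | Select-Object Name, SID
```

A SID for which Get-AccountName returns nothing, for example one still listed in an ACL or under ProfileList, belongs to an account that can no longer be resolved and is worth reviewing during cleanup.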

