Sunday, October 27, 2013

Finding Active Directory Accounts by SID

If you know the SID and would like to find the corresponding Active Directory account, then LDAP queries won't work well. For them to work, you would have to reformat the SID to match the LDAP formatting rules which is not a trivial task.
A much easier way uses an LDAP path. Let's assume you have a string SID in $SID variable, and you would like to find the Active Directory account tied to it. 

Try this:

$SID = ''   # like S-1-5-21-1234567-...
$account = [ADSI]"LDAP://"