Wednesday, October 31, 2012

Converting SID to Windows account without typing SID

You have something like this and you want to know who the hell this string of number is.


I dont know if there is an easier way, but a few years ago I wrote a powershell function which I will share with you:


function ConvertTo-NtAccount ($sid) {(new-object system.security.principal.securityidentifier($sid)).translate([system.security.principal.ntaccount])}
function ConvertTo-Sid ($NtAccount) {(new-object system.security.principal.NtAccount($NTaccount)).translate([system.security.principal.securityidentifier])}


But then you still have to type this damn string... nope
Since you're already in powershell, just execute:
(acl "FILE NAME HERE").access
You'll get something like this:
FileSystemRights  : DeleteSubdirectoriesAndFiles, Delete
AccessControlType : Allow
IdentityReference : S-1-5-21-123456789-12345678777-722323232-654321
IsInherited       : True
InheritanceFlags  : None
PropagationFlags  : None 
Now simply run
ConvertTo-NtAccount S-1-5-21-123456789-12345678777-722323232-654321

BOOM
You're welcome

PS: as a funny side note, I forgot about ACL command, and not wanting to type the SID by hand I looked for alternative. The most natural alternative I came up with was OneNote. Print screen the properties box, paste into One Note, right click and select "Copy Text from Image". Paste. A bit backasswards but it works.


No comments:

Post a Comment

Comments are welcomed and appreciated.