
finding a user name using the S-1-2-5 .... seed

Status
Not open for further replies.

mejiaks

IS-IT--Management
Jun 9, 2003
131
HN
I have some sort of ID in Active Directory

S-1-5-21-91300945-something as the owner of a file

I would like to retrieve the user name for that

Can this be done?

TIA
 
>S-1-5-21-91300945-something as the owner of a file

This normally means that the account was either a foreign one from a trust that no longer exists, or that the account has been deleted. In either case there would be no way to translate from the SID to a username (which is why Windows is displaying a SID as the owner - it cannot map it to a username).

However, both sid2name at this site and PsGetSid at Sysinternals will map a SID to a username, if there is a match in AD.
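
The situation described in the reply above, a file owner shown as a raw SID because it no longer maps to an account, can be checked without external tools. This is an added PowerShell example, not part of the original posts; the function names, the sample path and the long SID in the usage comments are constructed for illustration.

```powershell
# Added example (requires PowerShell 5 or later for ::new).
# Function names, the sample path and the long SID below are illustrative.

function Resolve-SidToName {
    param([Parameter(Mandatory)][string]$Sid)

    try {
        $sidObj = [System.Security.Principal.SecurityIdentifier]::new($Sid)
    } catch {
        # Not a syntactically valid SID string.
        return [pscustomobject]@{ Sid = $Sid; Account = $null; Status = 'InvalidSid' }
    }

    try {
        $account = $sidObj.Translate([System.Security.Principal.NTAccount])
        return [pscustomobject]@{ Sid = $Sid; Account = $account.Value; Status = 'Resolved' }
    } catch {
        # Translate() throws IdentityNotMappedException when no account matches
        # (deleted account, or a SID from a trust that no longer exists).
        $inner = $_.Exception.GetBaseException()
        if ($inner -is [System.Security.Principal.IdentityNotMappedException]) {
            return [pscustomobject]@{ Sid = $Sid; Account = $null; Status = 'Unmapped' }
        }
        throw   # any other failure is rethrown rather than reported as unmapped
    }
}

# List files under $Root whose owner SID cannot be mapped to an account.
function Get-UnmappedOwner {
    param([Parameter(Mandatory)][string]$Root)

    Get-ChildItem -LiteralPath $Root -Recurse -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $acl = Get-Acl -LiteralPath $_.FullName
            $owner = $acl.GetOwner([System.Security.Principal.SecurityIdentifier])
            if ($null -eq $owner) { return }   # no owner recorded; skip this file
            $result = Resolve-SidToName -Sid $owner.Value
            if ($result.Status -eq 'Unmapped') {
                [pscustomobject]@{ Path = $_.FullName; OwnerSid = $owner.Value }
            }
        }
}

# Usage (constructed values):
# Resolve-SidToName -Sid 'S-1-5-18'
# Resolve-SidToName -Sid 'S-1-5-21-1111111111-2222222222-3333333333-1001'
# Get-UnmappedOwner -Root 'D:\Shares\Projects'
```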
 
Here are my routines to extract the UPN (UserPrincipalName) from a SID; I do not expect this to provide the proper result unless there is an active account on the domain.
At this point you have an ADSI object, and you can do pretty much what you need to with it.

These solutions allow for these types of searches to be done without calling any external programs.

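Code:
' Return the userPrincipalName for a SID, or "" if the SID cannot be bound
' (for example a deleted account or a SID from a trust that no longer exists).
Function SID2UPN(str_IN_SID)
    Dim strNormalSID, ADuser

    strNormalSID = makeSIDnormal(str_IN_SID)
    SID2UPN = ""

    On Error Resume Next
    ' ADSI SID binding: look the object up by its SID.
    Set ADuser = GetObject("LDAP://<SID=" & strNormalSID & ">")
    If Err.Number = 0 Then SID2UPN = ADuser.userPrincipalName
    On Error GoTo 0
End Function

' Strip the %, { and } characters from the input SID string.
Function makeSIDnormal(mySID)
    Dim objregEx, strReplacement

    ' Renamed from "replace" so it does not shadow the built-in Replace function.
    strReplacement = ""

    Set objregEx = New RegExp
    objregEx.Global = True
    objregEx.Pattern = "[%{}]"
    objregEx.IgnoreCase = True

    makeSIDnormal = objregEx.Replace(mySID, strReplacement)
End Function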

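Code:
Const ADS_SCOPE_SUBTREE = 2
' Open an ADO connection through the ADSI OLE DB provider and attach a command to it.
Set ADConnection = CreateObject("ADODB.Connection")
ADConnection.Provider = "ADsDSOObject"
ADConnection.Open "Active Directory Provider"
Set ADCommand = CreateObject("ADODB.Command")
Set ADCommand.ActiveConnection = ADConnection
ADCommand.CommandText = "Select Name,userPrincipalName,givenName,sn,sAMAccountName,ADsPath,mail,pwdLastSet from 'LDAP://<distinguished name>' Where objectCategory='user' AND userPrincipalName='<UPN>'"
ADCommand.Properties("Page Size") = 1000
ADCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
Set ADrs = ADCommand.Execute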
 