Some functions (especially through WMI) return only SID strings, which are not very human-readable. Therefore, it may be helpful - or even necessary, depending on what you want to do with the string - to get the name of the principal the SID string represents.
The final section of this Microsoft blog-ish article shows how to do that, though it only mentions Active Directory accounts. The code also works for local accounts and the built-in ones like Administrators.
$sid = New-Object System.Security.Principal.SecurityIdentifier($sidString)
$user = $sid.Translate([System.Security.Principal.NTAccount])
You can then get the DOMAIN\user form of the account name with the $user.Value property.
No comments:
Post a Comment