How to get the AD object security ID (SID)

From Tech-Wiki
Revision as of 06:11, 12 May 2012 by Frazoo (Talk | contribs)

Jump to: navigation, search


How to obtain the Active Directory Security ID for an object.

First get the distinguished name (DN) of the object. This can be performed using the dsquery utility. From the Command Prompt. 

dsquery user -name "Joe Bloggs"

Example Output: 

"CN=Joe Blogs,OU=Users,DC=contoso,DC=com"


Next use the dsget utility, along with the DN to obtain the sid: 

dsget user "CN=Joe Blogs,OU=Users,DC=Contoso,DC=com" -sid

Example Output: 

 sid
 S-1-5-21-2560XXXX-XXXXX-XXXXX-19440
 dsget succeeded
Retrieved from ‘http://tech-wiki.net/index.php?title=How_to_get_the_AD_object_security_ID_(SID)&oldid=329