How to get the AD object security ID (SID)

From Tech-Wiki
Revision as of 06:48, 12 May 2012 by Frazoo (Talk | contribs)

Jump to: navigation, search


How to obtain the Active Directory Security ID (SID) for an object.

First obtain the distinguished name (DN) of the object. In this example the 'dsquery' utility has been used. From the Command Prompt.

dsquery user -name "Joe Bloggs"

Example Output:

"CN=Joe Bloggs,OU=Users,DC=contoso,DC=com"


Next use the 'dsget' utility, along with the DN to obtain the SID:

dsget user "CN=Joe Bloggs,OU=Users,DC=Contoso,DC=com" -sid

Example Output:

 sid
 S-1-5-21-2560XXXX-XXXXX-XXXXX-19440
 dsget succeeded