AD Scripting: How to resolve a SID to a username
by Dan Kregor on Sep.21, 2007, under Technology
We recently undertook an upgrade of an NT 4.0 domain to Windows 2003 Active Directory. During the process the domain trust was broken and we ended up with a number of orphaned accounts and FSPs (Foreign Security Principals).
As such, we had a requirement to resolve some of these FSPs that only had a SID.
Enter the SID2User VBScript.
This script prompts the user for the SID of the FSP or orphaned account and returns the user or group attached to that SID. The script below also reports which domain the user or group is a member of (this is handy in a multi-domain environment).
'--------------------
'File: sid2user.vbs
'
'Title: SID to Username
'Description: This script will convert a SID to a username
'
'How to use: Launch the script and follow the prompts.
'
'Author: Daniel Kregor (ASG Group)
'Date: August 2007
'--------------------
strSID = InputBox("Please enter the SID you wish to convert")
'Stop quietly if the prompt was cancelled or left empty
If strSID = "" Then WScript.Quit

strComputer = "."
'Connect to the WMI service on the local computer
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

'Fetch the Win32_SID instance for the SID that was entered
Set objAccount = objWMIService.Get _
("Win32_SID.SID='" & strSID & "'")

'Coerce to a string so that an empty or Null AccountName both count as unresolved
If "" & objAccount.AccountName = "" Then
    strValue = "The SID: " & strSID & " is not valid." & vbCrLf & vbCrLf & "Please ensure you have entered the SID correctly."
    MsgBox strValue, 16, "SID2User Results"
Else
    strValue = "The SID: " & strSID & vbCrLf & "Belongs to user: " & objAccount.AccountName & vbCrLf & "In the domain: " & objAccount.ReferencedDomainName
    MsgBox strValue, 64, "SID2User Results"
End If
Feel free to share, and if you have any questions please post them as comments.
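An added example, not part of the original post or its comments: when there are many orphaned SIDs to check, the .NET SecurityIdentifier.Translate call can be wrapped so that unresolvable and malformed SIDs are reported per row instead of stopping the run. The function name Resolve-SidList and the sample SIDs are assumptions made for illustration.

```powershell
# Added example: resolve a list of SIDs and report the ones that do not map.
# Resolve-SidList is a hypothetical helper name, not part of the original script.
function Resolve-SidList {
    param([Parameter(Mandatory)][string[]]$Sid)

    foreach ($s in $Sid) {
        $row = [pscustomobject]@{ Sid = $s; Domain = $null; Account = $null; Status = $null }
        try {
            # The constructor rejects strings that are not valid SIDs.
            $objSID = New-Object System.Security.Principal.SecurityIdentifier($s)
            # Translate fails when no account maps to the SID (orphaned FSP).
            $name = $objSID.Translate([System.Security.Principal.NTAccount]).Value
            # NTAccount values look like DOMAIN\name; some well-known SIDs have no domain part.
            $parts = $name -split '\\', 2
            if ($parts.Count -eq 2) { $row.Domain = $parts[0]; $row.Account = $parts[1] }
            else { $row.Account = $name }
            $row.Status = 'Resolved'
        }
        catch {
            # PowerShell may wrap the .NET exception, so inspect the innermost one.
            $ex = $_.Exception
            while ($ex.InnerException) { $ex = $ex.InnerException }
            if ($ex -is [System.Security.Principal.IdentityNotMappedException]) {
                $row.Status = 'Unresolved'
            }
            elseif ($ex -is [System.ArgumentException]) {
                $row.Status = 'Malformed'
            }
            else { throw }   # anything else (e.g. network failure) is not swallowed
        }
        $row
    }
}

# Constructed sample input: two well-known SIDs (Local System, BUILTIN\Administrators),
# one made-up domain SID that should not resolve, and one malformed string.
$sample = @(
    'S-1-5-18',
    'S-1-5-32-544',
    'S-1-5-21-1111111111-2222222222-3333333333-1105',
    'not-a-sid'
)
Resolve-SidList -Sid $sample | Format-Table -AutoSize
```

Rows with Status "Unresolved" are the candidates for cleanup; piping the result to Export-Csv instead of Format-Table keeps a record of what was checked.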





June 14th, 2008 on 11:43 am
Thank you Dan !!
This is truly a gem. I have spent the last 2 days in sheer frustration for not being able to find a solution (in vbscript) to do this SID translation for foreignSecurityPrincipals. I came across one reference to Win32_SID but the script was too complex to interpret.
Here is a 3 line Powershell command to do the same in case anyone is interested:
$objSID = New-Object System.Security.Principal.SecurityIdentifier("")  # put the SID string between the quotes
$objUser = $objSID.Translate( [System.Security.Principal.NTAccount])
$objUser.Value
July 23rd, 2008 on 1:22 am
The VB script was perfect!!!
Thanks!
October 25th, 2008 on 12:53 am
That would give you the logon name, how do you get the full name?