delete group policy unresolved SID's?

I have many entries in my group/local policies that are represented by SID's instead of account names.  I'm understanding that these mean the the accounts were deleted and can no longer be resolved.  Please tell me if I'm wrong and if it's OK to delete them.

Also, are there any tools out that can search AD for a SID and display it's accociated account (and vice versa)?
LVL 3
PopeyediceclayAsked:
Who is Participating?
 
oBdAConnect With a Mentor Commented:
If you don't have trusts to other domains where the connection is currently not working, you're correct; you can delete those entries.
As for the SID research, have a look at this:
0519 ยป Everyone can find your renamed administrator.
http://www.jsiinc.com/SUBB/tip0500/rh0519.htm
0
 
PopeyediceclayAuthor Commented:
"If you don't have trusts to other domains where the connection is currently not working, you're correct"

So trusts won't resolve?  I do have one trust to a child domain, can I use these tools to find which SID that is?
0
 
PopeyediceclayAuthor Commented:
Also, I have a few that don't look like the others

like : S-1-5-32-548

What is this kind?
0
 
PopeyediceclayAuthor Commented:
Appear to be BUILTIN accounts, the local security policy was able to resolve them.  Thanks for the input
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.