• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1082
  • Last Modified:

delete group policy unresolved SID's?

I have many entries in my group/local policies that are represented by SID's instead of account names.  I'm understanding that these mean the the accounts were deleted and can no longer be resolved.  Please tell me if I'm wrong and if it's OK to delete them.

Also, are there any tools out that can search AD for a SID and display it's accociated account (and vice versa)?
0
Popeyediceclay
Asked:
Popeyediceclay
  • 3
1 Solution
 
oBdACommented:
If you don't have trusts to other domains where the connection is currently not working, you're correct; you can delete those entries.
As for the SID research, have a look at this:
0519 ยป Everyone can find your renamed administrator.
http://www.jsiinc.com/SUBB/tip0500/rh0519.htm
0
 
PopeyediceclayAuthor Commented:
"If you don't have trusts to other domains where the connection is currently not working, you're correct"

So trusts won't resolve?  I do have one trust to a child domain, can I use these tools to find which SID that is?
0
 
PopeyediceclayAuthor Commented:
Also, I have a few that don't look like the others

like : S-1-5-32-548

What is this kind?
0
 
PopeyediceclayAuthor Commented:
Appear to be BUILTIN accounts, the local security policy was able to resolve them.  Thanks for the input
0

Featured Post

2018 Annual Membership Survey

Here at Experts Exchange, we strive to give members the best experience. Help us improve the site by taking this survey today! (Bonus: Be entered to win a great tech prize for participating!)

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now