Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1217
  • Last Modified:

Any way to match accounts to invalid SID's after migration?

I was wondering if there is any way to match accounts up to the "Unknown account" / Invalid SID's that are appearing on my NTFS permissions after server migrations.  

Here is a little background:  Our server team is using some new imaging software that they haven't quite mastered.  After re-imaging a server, the folder permissions are showing multiple "Unknown Account" for any local users that were assigned permissions.  Is there any way in the registry or someplace else that I can match the local accounts up to the "Unknown Accounts" so that the folder permissions will be magically fixed?  I'm trying to avoid having to reapply the permissions if possible.  The permissions are there, and the accounts are on the server, but they do not match up.  
  • 2
2 Solutions
Naser GabajCommented:
Greetings Tray896,

I believe No, the only advice i should give you is to login using a local/domain administrator account and then take the ownership so you can open it.

Good Luck!

Tray896Author Commented:
Thanks Naser, I am able to login fine and change the permissions.  My problem is that there are many levels of custom permissions, and I do not want to have to go back and re-apply all of them for the local accounts.  As I said, the permissions are there, it just says "Account Unknown."  The accounts that should be there do show up in Computer Management, I'm looking for a way to match those accounts up with the Account Unknown permissions.  Make sense?
Naser GabajCommented:

Is the server that was used as the image still around?

If so, save this code below with a .vbs extension and run it from that server.
This will create a text file and put the sid name and the username in there
Since these are local accounts the sids will never match up from one computer to another
but at least you will have the SID => NAME matching from the original

'Begin Copy
ForWriting = 2

Set objFSO = CreateObject("Scripting.FileSystemObject")
'!!!!!text file will be created on your C: drive...change to match your needs !!!!!
Set objTextFile = objFSO.OpenTextFile("c:\SIDs.txt", ForWriting, True)

'!!!!!Place the name of the computer used for the image here:
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_Account where domain =  '" & strComputer & "'", , 48)
For Each objItem In colItems

objTextFile.WriteLine objItem.SID & "," & objItem.Name
'End Copy

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now