• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 741
  • Last Modified:

find out domain user account from corrupted SID

Hi all,
Wondering if its possible to find out what domain user/group accounts used to reside within the "administrators" group after corrupt SID disjoined the server account from the domain.  Currently, now all I see is the very long alpha-numeric string (for ex: S-1-5-21-2871644435-3958900132-1302727681-3)
Is there any way to see what user or group that this string is associated with?  Thanks for any input!
I realize that I can probably rejoin the domain and it will come back, but I thought it would be handy to know if this is possible.  Sometimes I see this string when looking at folder/file permissions and want to know what user or group it belonged to.  
1 Solution
Mike KlineCommented:
Download adfind
Then try
adfind -default -f  "objectsid= S-1-5-21-2871644435-3958900132-1302727681-3"
See if that returns the object for you
HelpyHelpertonAuthor Commented:
thanks, as soon as I get a chance I will download and test!

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now