SID account to username

I have a huge list of SIDs that I would like to see if they are tied to any user accounts. Since the accounts are old (mostly) and I'm sure the tombstone life of them in AD are expired, I know I was able to find a couple of usernames by looking in the registry in the profiels directory where there are alot of SID accounts.
Since there are a large amount of SIDs it would be tedious and very time consumimng to individual search for each one of them.

I downloaded PSTools and there is a command called "psgetsid". I'm trying to find a way to enter all the SIDs in a txt file and then run the command to see if anything mataches a username.

Here's the command I used and the error I'm getting. Any help why? The file sid.txt is in the current directory.

C:\Windows\System32>psgetsid @file sid.txt

PsGetSid v1.44 - Translates SIDs to names and vice versa
Copyright (C) 1999-2008 Mark Russinovich
Sysinternals - www.sysinternals.com

Error opening file:
The system cannot find the file specified.

Here are the help contents of psgetsid:


Usage: psgetsid [\\computer[,computer2[,...] | @file] [-u Username [-p Password]
]] [account | SID]
     -u         Specifies optional user name for login to
                remote computer.
     -p         Specifies optional password for user name. If you omit this
                you will be prompted to enter a hidden password.
     account    PsGetSid will report the SID for the specified user account
                rather than the computer.
     SID        PsGetSid will report the account for the specified SID.
     computer   Direct PsGetSid to perform the command on the remote
                computer or computers specified. If you omit the computer
                name PsGetSid runs the command on the local system,
                and if you specify a wildcard (\\*), PsGetSid runs the
                command on all computers in the current domain.
     @file      PsGetSid will execute the command on each of the computers listed

                in the file.
LVL 7
tolinromeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Vincent BastianonAzure Support Escalation EngineerCommented:
You sure that the "sid.txt" file is located in you "%SYSTEMROOT%\System32" ?

Cheers,
Emmanuel AdebayoGlobal Windows Infrastructure Engineer - ConsultantCommented:
The script is looking for the sid.txt file from C:\Windows\System32\sid.txt, is this file present at this location?

regards
tolinromeAuthor Commented:
yes 100%. But looking at the help it says that:

 "@file      PsGetSid will execute the command on each of the computers listed in the file."

I didnt put the computer names in the file, only the SIDs. I was hoping it would pick that up instead.
Maximize Customer Retention with Superior Service

The IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more to help build customer satisfaction and retention.

Emmanuel AdebayoGlobal Windows Infrastructure Engineer - ConsultantCommented:
I see, no, you need to include the computername/servername that you are trying to check the SIDs of groups/users that are on that server.

Regrda
tolinromeAuthor Commented:
do you know of any way or program to do this process quicker, like an import of many SIDs that can be imported and referenced somehow?
Emmanuel AdebayoGlobal Windows Infrastructure Engineer - ConsultantCommented:
No, that is the only one I know.

Is your command as psgetsid @file sid.txt, it suppose to be psgetsid @sid.txt
tolinromeAuthor Commented:
yes, I tried that also, to no avail.
tolinromeAuthor Commented:
I've requested that this question be deleted for the following reason:

No solution to question.
footechCommented:
You're giving up on the question way too easily.
You could write batch file that would utilize PsGetSid, passing each SID to the command.  You could also use PowerShell or VBScript.

Are all these SID for domain accounts?  Do the accounts still exist?  If not then you won't be able to match anything up.
The .BAT file could be as simple as
@echo off
for /f %%i IN (sids.txt) DO c:\SysinternalsSuite\PsGetsid.exe %%i

Open in new window


Using AD cmdlets in PowerShell you could do something like
gc sids.txt | % { (get-aduser $_).name }

Open in new window

or using WMI
gc sids.txt | % { (gwmi win32_useraccount -filter "SID = '$_'").name }

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tolinromeAuthor Commented:
ok thanks for the help on the batch file and powershell. Since I know literally nothing about scripting, I would need to know how to do it literally step by step though, which would be easier powershell?
About the SIDs, yes they are all domain accounts, some (probably most I suspect) have already been deleted, but this action will at least verify that for sure. Its even ok if all of them come up with no account to reference to, as long as I give it a shot to see.
Thanks.
tolinromeAuthor Commented:
Ok, I actually got the script working. The only help I need is to have the results out to a text file since the results are so long.
tolinromeAuthor Commented:
Great, it worked. Thanks.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.