I have a huge list of SIDs that I would like to see if they are tied to any user accounts. Since the accounts are old (mostly) and I'm sure the tombstone life of them in AD are expired, I know I was able to find a couple of usernames by looking in the registry in the profiels directory where there are alot of SID accounts.
Since there are a large amount of SIDs it would be tedious and very time consumimng to individual search for each one of them.
I downloaded PSTools and there is a command called "psgetsid". I'm trying to find a way to enter all the SIDs in a txt file and then run the command to see if anything mataches a username.
Here's the command I used and the error I'm getting. Any help why? The file sid.txt is in the current directory.
id @file sid.txt
PsGetSid v1.44 - Translates SIDs to names and vice versa
Copyright (C) 1999-2008 Mark Russinovich
Sysinternals - www.sysinternals.com
Error opening file:
The system cannot find the file specified.
Here are the help contents of psgetsid:
Usage: psgetsid [\\computer[,computer2[,..
.] | @file] [-u Username [-p Password]
]] [account | SID]
-u Specifies optional user name for login to
-p Specifies optional password for user name. If you omit this
you will be prompted to enter a hidden password.
account PsGetSid will report the SID for the specified user account
rather than the computer.
SID PsGetSid will report the account for the specified SID.
computer Direct PsGetSid to perform the command on the remote
computer or computers specified. If you omit the computer
name PsGetSid runs the command on the local system,
and if you specify a wildcard (\\*), PsGetSid runs the
command on all computers in the current domain.
@file PsGetSid will execute the command on each of the computers listed
in the file.