There are a number of ways to find the SID of a user account, the easiest and best way is finding the SID in the registry because you don’t have to install 3rd party software to do this.
To find the SID of a user in the registry, do the following on a computer the user has logged onto (the user doesn’t have to be currently logged on):
- Click Start
- Type regedit and hit enter
- Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ProfileList
- The folders listed under this directory are named after the users SIDs, iterate through the folders to find which user account relates to each SID by noting the user’s account name in variables stored within the folders
Addendum: How To Get A Users SID Via PowerShell Commands
I’ve recently discovered that you can also get the SID of a user with the following PowerShell command:
$objUser = New-Object System.Security.Principal.NTAccount(“DOMAIN_NAME”, “USER_NAME”)
$strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier])
I’ve also found out that you can get a users SID using ADSIEdit. In PowerShell, type adsiedit and hit enter. You will then launch ADSIEdit, from which you can drill down to the OU containing your user, right click the user who’s SID you want to get and go to Properties. From this view, you will be able to see the users SID.
Addendum: How To Get A Users SID Via The Command Prompt
My colleague recently gave me this command:
dsquery user -name %username% | dsget user -sid | find “S-1”
You have to have the AdminPak / RSAT tools installed on the computer you run the command from. By default, running this command gets you the SID of the logged in user, but you can get the SID for any user by replacing the %username% part of the code for the username of the user you want to get the SID from.