How can I retrieve a Windows Computer's SID us

2019-01-17 15:35发布

问题:

I'm not looking for User SIDs. I'm looking for the computer SID, which active directory would use to uniquely identify the computer. I also don't want to query the active directory server, i want to query the computer itself.

回答1:

(Ooh, this was a fun one! I went on a wild goose chase, as they say, trying to get the Win32_SID instance, which is a singleton and not enumerable by the usual InstancesOf or Query methods... yadda yadda yadda.)

Well, it depends which computer SID you want (seriously!). There's the SID that the local computer uses for itself... For this, you just need to get the SID of the local Administrator user, and remove the "-500" from the end to get the computer's SID.

In VBScript, it looks like this:

strComputer = "AFAPC001"
strUsername = "Administrator"
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set objAccount = objWMIService.Get("Win32_UserAccount.Name='" & strUsername & "',Domain='" & strComputer & "'")
WScript.Echo "Administrator account SID: " & objAccount.SID
WScript.Echo "Computer's SID: " & Left(objAccount.SID, Len(objAccount.SID) - 4)

In PowerShell, like this:

function get-sid
{
    Param ( $DSIdentity )
    $ID = new-object System.Security.Principal.NTAccount($DSIdentity)
    return $ID.Translate( [System.Security.Principal.SecurityIdentifier] ).toString()
}
> $admin = get-sid "Administrator"
> $admin.SubString(0, $admin.Length - 4)

In C# on .NET 3.5:

using System;
using System.Security.Principal;
using System.DirectoryServices;
using System.Linq;
public static SecurityIdentifier GetComputerSid()
{
    return new SecurityIdentifier((byte[])new DirectoryEntry(string.Format("WinNT://{0},Computer", Environment.MachineName)).Children.Cast<DirectoryEntry>().First().InvokeGet("objectSID"), 0).AccountDomainSid;
}

Results from all of these match the response I get from PsGetSid.exe.


On the other hand, there's the SID that Active Directory uses to identify each domain member computer... That one you fetch by getting the SID of the machine account in the domain--the one that ends with a dollar sign.

E.g., using the above PowerShell function for a domain member called "CLIENT", you can type get-sid "CLIENT$".



回答2:

You can simply run reg query HKLM\SOFTWARE\Microsoft\Cryptography /v MachineGuid from Windows command line.

Here is Windows batch file example:

set KEY_REGKEY=HKLM\SOFTWARE\Microsoft\Cryptography
set KEY_REGVAL=MachineGuid

REM Check for presence of key first.
reg query %KEY_REGKEY% /v %KEY_REGVAL% 2>nul || (echo No theme name present! & exit /b 1)

REM query the value. pipe it through findstr in order to find the matching line that has the value. only grab token 3 and the remainder of the line. %%b is what we are interested in here.
set KEY_NAME=
for /f "tokens=2,*" %%a in ('reg query %KEY_REGKEY% /v %KEY_REGVAL% ^| findstr %KEY_REGVAL%') do (
    set KEY_NAME=%%b
)
echo %KEY_NAME%


回答3:

Found a tool from microsoft website which can get you the SID easily

http://technet.microsoft.com/en-us/sysinternals/bb897417.aspx

Just download the file, unzip it, open a command prompt and then run psgetsid.exe.

There are some good explanation on SID from microsoft website as well

http://blogs.msdn.com/b/aaron_margosis/archive/2009/11/05/machine-sids-and-domain-sids.aspx