A question on the forum asked about finding the accounts and SIDs on the local machine.
function get-SID { param ( [string]$computername = $env:COMPUTERNAME ) Get-WmiObject -Class Win32_AccountSID -ComputerName $computername | foreach { $da = (($_.Element).Split(".")[1]).Split(",") $sid = ($_.Setting -split "=")[1] -replace '"','' $props = [ordered]@{ Domain = ($da[0] -split "=")[1] -replace '"','' Account = ($da[1] -split "=")[1] -replace '"','' SID = $sid } New-Object -TypeName PSObject -Property $props } }
Pass a computer name into the function – default is local machine.
Use the AccountSID class which links Win32_SystemAccount and Win32_SID. For each returned instance clean up the data and create an object with three properties – domain, account and SID.
You will see more than you thought – some very useful information buried in there