Converting SID from Binary to String
Active Directory stores an account's SID in binary form, in the objectSid attribute. To convert the byte array into a string representation, pass it to the .NET SecurityIdentifier class like this:
# get current user
$searcher = [ADSISearcher]"(&(objectClass=User)(objectCategory=person)(sAMAccountName=$env:username))"
$user = $searcher.FindOne().GetDirectoryEntry()
# get binary SID from AD account
$binarySID = $user.ObjectSid.Value
# convert to string SID
$stringSID = (New-Object System.Security.Principal.SecurityIdentifier($binarySID,0)).Value
$binarySID
$stringSID
Retrieving and Converting User SID with ADSI
In this example, an ADSI searcher gets the current user account (provided the current user is logged on to a domain). Then, the binary SID is converted to a string SID.