Get SID of remote computer return variables

  • Question

  • Hi there, 

    This must be quite simple, but I want to make a script which shows the sid of the current logged on user on a REMOTE pc. 

    I have a script which runs fine locally; however, I can't seem to get the output back when I try it in an Invoke-Command. 

    This is the code which works on the local pc: 

    $domain = [System.Environment]::ExpandEnvironmentVariables("%USERDOMAIN%")

    $user = [System.Environment]::ExpandEnvironmentVariables("%USERNAME%")

    $sid = Get-WmiObject win32_useraccount -Filter "name = '$user' AND domain = '$domain'"

    $sid.sid

    This works perfectly, however when I try to run it on a remote system I want to display the SID on my local computer so I can use the output of this variable in another script... 


    Invoke-Command -ComputerName Thisismycomputer -ScriptBlock {

        $domain = [System.Environment]::ExpandEnvironmentVariables("%USERDOMAIN%")

        $user = [System.Environment]::ExpandEnvironmentVariables("%USERNAME%")

        $sid = Get-WmiObject win32_useraccount -Filter "name = '$user' AND domain = '$domain'"

        $sid.sid

    }

    Thanks! 

    Thursday, March 10, 2016 12:32 PM

Answers

  • Hi,

    You can do something like this:

    $computerName = 'SomePC'
    
    $username = (Get-WmiObject Win32_ComputerSystem -ComputerName $computerName | 
        Select -ExpandProperty Username).Split('\')[-1]
    
    $sid = Get-ADUser -Identity $username | Select -ExpandProperty SID
    
    $sid.Value

    This only works for users who are actually logged into the PC in question, not connected via RDP.


    Thursday, March 10, 2016 1:08 PM

All replies

  • Hi there, 

    Tried this and got the following error: 

    Select : Cannot process argument because the value of argument "obj" is null. Change the value of argument "obj" to a non-null value.
    At line:4 char:5
    +     Select -ExpandProperty Username).Split('\')[-1]
    +     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidArgument: (:) [Select-Object], PSArgumentNullException
        + FullyQualifiedErrorId : ArgumentNull,Microsoft.PowerShell.Commands.SelectObjectCommand
     
    Get-ADUser : The term 'Get-ADUser' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try aga
    in.
    At line:6 char:8
    + $sid = Get-ADUser -Identity $username | Select -ExpandProperty SID
    +        ~~~~~~~~~~
        + CategoryInfo          : ObjectNotFound: (Get-ADUser:String) [], CommandNotFoundException
        + FullyQualifiedErrorId : CommandNotFoundException


    Thursday, March 10, 2016 1:18 PM
  • Do you have admin rights on the remote PC? Additionally, you'll need to load the AD module to use Get-ADUser.

    Thursday, March 10, 2016 1:26 PM
  • Hi there, 

    Yes, I have full administrator rights :).. I don't want to load the AD module because this script will be used by our support desk and they will run it with their default desktops...... 

    Thursday, March 10, 2016 1:29 PM
  • Also the select doesn't work because there is no property username: 

    Domain              : test
    Manufacturer        : VMware, Inc.
    Model               : VMware Virtual Platform
    Name                : Mycomputername
    PrimaryOwnerName    : Mycompany
    TotalPhysicalMemory : 8589467648

    This is the output from the command 

    Get-WmiObject Win32_ComputerSystem -ComputerName $computerName

    Thursday, March 10, 2016 1:34 PM
  • Also the select doesn't work because there is no property username: 

    Domain              : test
    Manufacturer        : VMware, Inc.
    Model               : VMware Virtual Platform
    Name                : Mycomputername
    PrimaryOwnerName    : Mycompany
    TotalPhysicalMemory : 8589467648

    This is the output from the command 

    Get-WmiObject Win32_ComputerSystem -ComputerName $computerName

    As I mentioned, the script above only works if someone is logged in at the console. VMs aren't usually going to have someone connected that way.

    I don't want to load the AD module because this script will be used by our support desk and they will run it with their default desktops......

    The AD module can be installed anywhere with RSAT.


    Thursday, March 10, 2016 1:38 PM
  • You can leverage quser if users are connected via RDP instead of being logged in at the console:

    $computerName = 'SomePC'
    
    $userList = (quser /server:$computerName) -replace '\s{2,}',',' | 
        ConvertFrom-Csv |
            Select -ExpandProperty Username
    
    $userList | ForEach {
    
        Get-ADUser -Identity $_
    
    } | Select SamAccountName,SID

    Also, if you really don't want to install the AD module (I highly recommend that you do, it's extremely useful) you could do something like this instead:

    $domain = 'ABC'
    $computerName = 'SomePC'
    
    $userList = (quser /server:$computerName) -replace '\s{2,}',',' | 
        ConvertFrom-Csv |
            Select -ExpandProperty Username
    
    $userList | ForEach {
    
        $user = New-Object System.Security.Principal.NTAccount("$domain","$_")
        $sid = $user.Translate([System.Security.Principal.SecurityIdentifier])
    
        $props = @{
            User = $_
            SID = $sid.Value
        }
    
        New-Object PsObject -Property $props
    
    }


    Thursday, March 10, 2016 3:21 PM
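
The `quser` parsing from the reply above, as an added example that is not part of the original thread: replacing runs of spaces with commas keeps USERNAME intact but shifts the remaining columns when SESSIONNAME is blank (disconnected sessions) and leaves the `>` current-session marker attached to the name, so this version matches each row with a regex instead. The function names and the sample rows are constructed for illustration.

```powershell
# Added example (not from the thread). Function names are hypothetical.
function ConvertFrom-Quser {
    param([string[]]$Line)
    # Row layout: optional '>' marker, user, optional session name, numeric ID, state.
    # The header row never matches because its ID column is not numeric.
    $pattern = '^[\s>]?(?<user>\S+)\s+(?:(?<session>\S+)\s+)?(?<id>\d+)\s+(?<state>\S+)'
    foreach ($row in $Line) {
        if ($row -match $pattern) {
            [pscustomobject]@{
                User    = $Matches['user']
                Session = $Matches['session']   # $null for disconnected sessions
                Id      = [int]$Matches['id']
                State   = $Matches['state']
            }
        }
    }
}

function Resolve-AccountSid {
    param([string]$Domain, [string]$User)
    try {
        $account = New-Object System.Security.Principal.NTAccount($Domain, $User)
        $account.Translate([System.Security.Principal.SecurityIdentifier]).Value
    } catch {
        # Typically a local account or the wrong domain; report it and return nothing.
        Write-Warning "Could not map $Domain\$User to a SID: $($_.Exception.Message)"
    }
}

function Get-RemoteSessionSid {
    param([string]$ComputerName, [string]$Domain)
    # quser writes to stderr and returns nothing when no one is logged on.
    $raw = quser /server:$ComputerName 2>$null
    if (-not $raw) { return }
    ConvertFrom-Quser -Line $raw | ForEach-Object {
        $sid = Resolve-AccountSid -Domain $Domain -User $_.User
        $_ | Add-Member -NotePropertyName SID -NotePropertyValue $sid -PassThru
    }
}

# Constructed sample of quser output: one console session, one disconnected RDP session.
$sample = @(
    ' USERNAME              SESSIONNAME        ID  STATE   IDLE TIME  LOGON TIME'
    '>alice                 console             1  Active      none   3/10/2016 8:01 AM'
    ' bob                                       2  Disc        1:23   3/10/2016 9:15 AM'
)
ConvertFrom-Quser -Line $sample | Format-Table
```

`Get-RemoteSessionSid -ComputerName 'SomePC' -Domain 'ABC'` returns the same objects with a `SID` property added, without needing the AD module.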
  • Thanks :) I used the AD one! 
    Tuesday, March 15, 2016 8:14 PM
  • Cheers, you're very welcome. Glad you got it working.

    Tuesday, March 15, 2016 9:38 PM