PsGetSid是PsTools工具集中,由sysinternals发布,目前的最新版本是2.44。个人感觉sysinternals的工具功能非常强大也非常好用,如果用好这些工具工作效率大为提高。
下载地址:[url]http://download.sysinternals.com/Files/PsTools.zip[/url]
下面是PsGetSid的描述
PsGetSid
Have you performed a rollout and only to discover that your network might suffer from the SID duplication problem? In order to know which systems have to be assigned a new SID (using a SID updater like Sysinternals' own NewSID) you have to know what a computer's machine SID is. Up until now there's been no way to tell the machine SID without knowing Regedit tricks and exactly where to look in the Registry. PsGetSid makes reading a computer's SID easy, and works across the network so that you can query SIDs remotely. PsGetSid also lets you see the SIDs of user accounts.
Installation
Copy PsPsGetSid onto your executable path and type "psgetsid".
Usage
Usage: psgetsid [\\computer[,computer[,...] | @file [-u username [-p password]]] [account]
If you want to see a computer's SID just pass the computer's name as a command-line argument. If you want to see a user's SID, name the account (e.g. "administrator") on the command-line and an optional computer name.
Specify a user name if the account you are running from doesn't have administrative privileges on the computer you want to query. If you don't specify a password as an option PsGetSid will prompt you for one so that you can type it in without having it echoed to the display.
下面是使用psgetsid查询sid实例
C:\Documents and Settings\psyadmin>psgetsid /?
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - [url]www.sysinternals.com[/url]
Usage: psgetsid [\\computer[,computer2[,...] | @file] [-u Username [-p Password]
]] [account | SID]
-u Specifies optional user name for login to
remote computer.
-p Specifies optional password for user name. If you omit this
you will be prompted to enter a hidden password.
account PsGetSid will report the SID for the specified user account
rather than the computer.
SID PsGetSid will report the account for the specified SID.
computer Direct PsGetSid to perform the command on the remote
computer or computers specified. If you omit the computer
name PsGetSid runs the command on the local system,
and if you specify a wildcard (\\*), PsGetSid runs the
command on all computers in the current domain.
@file PsGetSid will execute the command on each of the computers liste
d
in the file.
查询本机sid
C:\Documents and Settings\psyadmin>psgetsid
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - [url]www.sysinternals.com[/url]
SID for \\FILESERVER:
S-1-5-21-1665000383-1530267105-3527431458
查询SID对应的主机名
C:\Documents and Settings\psyadmin>psgetsid S-1-5-21-1665000383-1530267105-35274
31458
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - [url]www.sysinternals.com[/url]
Account for FILESERVER\S-1-5-21-1665000383-1530267105-3527431458:
Domain: BEACON
查询网络主机SID
C:\Documents and Settings\psyadmin>psgetsid \\192.168.0.78 -u psyadmin
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - [url]www.sysinternals.com[/url]
Password:
SID for \\192.168.0.78:
S-1-5-21-1214440339-2139871995-839522115
验证口令失败,拒绝访问
C:\Documents and Settings\psyadmin>psgetsid \\192.168.0.71 -u psyadmin
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - [url]www.sysinternals.com[/url]
Password:
Couldn't access 192.168.0.71:
拒绝访问。
对方主机防火墙关闭文件和打印机共享,不能连接135端口导致找不到网络路径
C:\Documents and Settings\psyadmin>psgetsid \\192.168.0.76 -u psyadmin
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - [url]www.sysinternals.com[/url]
Password:
Couldn't access 192.168.0.76:
找不到网络路径。
Make sure that the default admin$ share is enabled on 192.168.0.76.
查询本地用户SID
C:\Documents and Settings\psyadmin>psgetsid admin
PsGetSid v1.43 - Translates SIDs to names and vice versa
Copyright (C) 1999-2006 Mark Russinovich
Sysinternals - [url]www.sysinternals.com[/url]
SID for BEACON\admin:
S-1-5-21-1665000383-1530267105-3527431458-1625
2、活动目录环境中查看用户SID
在活动目录域控制器上regsvr32 acctinfo.dll,活动目录用户和计算机的用户属性中添加"Additional Account Info",显示与账户相关的附加信息。acctinfo.dll包含在Account Lockout Toolkit工具集中(account lockout toolkit工具可以排除比较复杂的账号锁定)
同一个账户admin在图形界面下查询到的SID与使用psgetsid查到的相同。
1