In Windows environment, each user is assigned a unique identifier called Security ID or SID, which is used to control access to various resources like Files, Registry keys, network shares etc. We can obtain SID of a user through WMIC USERACCOUNT command. Below you can find syntax and examples for the same.
Get SID of a local user
wmic useraccount where name='username' get sid
For example, to get the SID for a local user with the login name ‘John’, the command would be as below
wmic useraccount where name='John' get sid
Get SID for current logged in user
To retrieve the SID for current logged in user we can run the below command. This does not require you to specify the user name in the command. This can be used in batch files which may be executed from different user accounts.
wmic useraccount where name='%username%' get sid
Get SID for current logged in domain user
Run the command ‘whoami /user’ from command line to get the SID for the logged in user.
c:\>whoami /user USER INFORMATION ---------------- User Name SID ============== ============================================== mydomain\wincmd S-1-5-21-7375663-6890924511-1272660413-2944159 c:\>
Get SID for the local administrator of the computer
wmic useraccount where (name='administrator' and domain='%computername%') get name,sid
Get SID for the domain administrator
wmic useraccount where (name='administrator' and domain='%userdomain%') get name,sid
Find username from a SID
Now this is tip is to find the user account when you have a SID. One of the readers of this post had this usecase and he figured out the command himself with the help of the commands given above. Adding the same here.
wmic useraccount where sid='S-1-3-12-1234525106-3567804255-30012867-1437' get name