Vista - SID

Can you use vbscript to get the SID of the computer?

James

James wrote:

"James" <donotreply@xxxxxx> wrote in message
news:uV25oOhFKHA.4932@xxxxxxI have an example VBScript program that retrieves the SID values of all
computers in the domain, so you can find duplicates, linked here:

http://www.rlmueller.net/ComputerSIDs.htm

The program binds to the Administrator user on each computer, then uses
Functions OctetToHexStr and HexSIDToDec to convert the byte array value of
the objectSID attribute of the user into a readable form. For one computer,
the program can be modified as below:
==============
Option Explicit

Dim strNTName, objLocalAdmin, strHexSID, strDecSID

' Specify NetBIOS name of computer.
strNTName = "MyComputer"

Set objLocalAdmin = GetObject("WinNT://" & strNTName _
& "/Administrator,user")

' Retrieve SID and convert to hex string.
strHexSID = OctetToHexStr(objLocalAdmin.objectSID)
' Convert to decimal format.
strDecSID = HexSIDToDec(strHexSID)
' Strip off well-known RID, which is "-500".
strDecSID = Left(strDecSID, Len(strDecSID) - 4)
Wscript.Echo strDecSID

Function OctetToHexStr(ByVal arrbytOctet)
' Function to convert OctetString (Byte Array) to a hex string.

Dim k

OctetToHexStr = ""
For k = 1 To Lenb(arrbytOctet)
OctetToHexStr = OctetToHexStr _
& Right("0" & Hex(Ascb(Midb(arrbytOctet, k, 1))), 2)
Next

End Function

Function HexSIDToDec(ByVal strSID)
' Function to convert most hex SID values to decimal format.

Dim arrbytSID, lngTemp, j

ReDim arrbytSID(Len(strSID)/2 - 1)
For j = 0 To UBound(arrbytSID)
arrbytSID(j) = CInt("&H" & Mid(strSID, 2*j + 1, 2))
Next

If (UBound(arrbytSID) = 11) Then
HexSIDToDec = "S-" & arrbytSID(0) & "-" _
& arrbytSID(1) & "-" & arrbytSID(8)

Exit Function
End If

If (UBound(arrbytSID) = 15) Then
HexSIDToDec = "S-" & arrbytSID(0) & "-" _
& arrbytSID(1) & "-" & arrbytSID(8)

lngTemp = arrbytSID(15)
lngTemp = lngTemp * 256 + arrbytSID(14)
lngTemp = lngTemp * 256 + arrbytSID(13)
lngTemp = lngTemp * 256 + arrbytSID(12)

HexSIDToDec = HexSIDToDec & "-" & CStr(lngTemp)

Exit Function
End If

HexSIDToDec = "S-" & arrbytSID(0) & "-" _
& arrbytSID(1) & "-" & arrbytSID(8)

lngTemp = arrbytSID(15)
lngTemp = lngTemp * 256 + arrbytSID(14)
lngTemp = lngTemp * 256 + arrbytSID(13)
lngTemp = lngTemp * 256 + arrbytSID(12)

HexSIDToDec = HexSIDToDec & "-" & CStr(lngTemp)

lngTemp = arrbytSID(19)
lngTemp = lngTemp * 256 + arrbytSID(18)
lngTemp = lngTemp * 256 + arrbytSID(17)
lngTemp = lngTemp * 256 + arrbytSID(16)

HexSIDToDec = HexSIDToDec & "-" & CStr(lngTemp)

lngTemp = arrbytSID(23)
lngTemp = lngTemp * 256 + arrbytSID(22)
lngTemp = lngTemp * 256 + arrbytSID(21)
lngTemp = lngTemp * 256 + arrbytSID(20)

HexSIDToDec = HexSIDToDec & "-" & CStr(lngTemp)

If (UBound(arrbytSID) > 23) Then
lngTemp = arrbytSID(25)
lngTemp = lngTemp * 256 + arrbytSID(24)

HexSIDToDec = HexSIDToDec & "-" & CStr(lngTemp)
End If

End Function
==========
The above assumes that the local Administrator user has not been renamed.

If you mean the value of the objectSID attribute of the computer object in
Active Directory, you can bind to the computer object with the LDAP provider
and the full Distinguished Name of the computer, then use the same two
functions to convert the byte array into a readable format. You would not
strip off the RID value in that case. I hope this helps.

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

Great stuff Richard! I assume that if the Administrator name changed and
you knew what it was all you would have to do is change line 10 to the new
name and get the same results...I will test it on our network and let you
know what happens...tks!

James

"Richard Mueller [MVP]" <rlmueller-nospam@xxxxxx> wrote in
message news:OPTmLmhFKHA.3948@xxxxxx

Works great Richard! All I am going to add to it is an input box so we can
input the computer name and/or administrator name as needed. Then I can run
it on any machine. Thanks again!

James

"James" <donotreply@xxxxxx> wrote in message
news:%23dNC$RpFKHA.2376@xxxxxx