I'm
guessing you missed the intended humor ... dude ... which part of ";-)" wasn't
clear?
I even
left off the question mark
:-)
<-------- note the smiley
<sarcasm>For clarity, I am also teasing in this email ... and I am
still way funnier (but not looking) than you! :-p
</sarcasm>
--
Dean Wells
MSEtechnology
* Email: dwells@msetechnology.com
http://msetechnology.com
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Friday, January 21, 2005 4:48 PM
To: [email protected]; 'Send - AD mailing list'
Subject: RE: [ActiveDir] Finding User account if know SID
Heh, most of the Enterprise class customers I talk to....
Many of them wouldn't consider deploying any OS due to the pre-SP1 "rule". When
you say that K3 is like 2K SP7 they still won't budge. Plus many of them have to
spend a great deal of time testing and certifying things in case they break one
of many thousands of LOB apps.
joe
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells
Sent: Friday, January 21, 2005 2:41 PM
To: Send - AD mailing list
Subject: RE: [ActiveDir] Finding User account if know SID
That's
correct .and a great point ... but who uses 2000 anymore ;-)
--
Dean Wells
MSEtechnology
* Email: dwells@msetechnology.com
http://msetechnology.com
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Friday, January 21, 2005 1:55 PM
To: [email protected]
Subject: RE: [ActiveDir] Finding User account if know SID
I think that only works against 2k3 AD though
Dean.
sidtoname will work against NT or 2K or K3 or
XP.
As an aside, if someone wants to do it through LDAP, adfind
will do it too, even against W2K...
If you know your directory is 2K3 you can use the same
filter as below
adfind -b dc=mine,dc=local -f
"(&(objectcategory=person)(objectclass=user)(objectSID=S-1-5-21-2000478354-411894773-854245398-500))"
objectsid
if you know it is Windows 2000 or you don't know what it is
you can do
adfind -b dc=mine,dc=local -bitenc -f
"(&(objectcategory=person)(objectclass=user)(objectSID={{SID:S-1-5-21-2000478354-411894773-854245398-500}}))"
objectsid
joe
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells
Sent: Friday, January 21, 2005 11:59 AM
To: Send - AD mailing list
Subject: RE: [ActiveDir] Finding User account if know SID
Joe's
tools will work well ...if you're restricted to tools from the base media, try
-
C:\>ldifde -d dc=mine,dc=local -r
(^&(objectcategory=person)(objectclass=user)(objectSID=S-1-5-21-2000478354-411894773-854245398-500))
-l "objectSID" -f
con
--
Dean Wells
MSEtechnology
* Email: dwells@msetechnology.com
http://msetechnology.com
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Flesher
Sent: Friday, January 21, 2005 11:32 AM
To: [email protected]
Subject: [ActiveDir] Finding User account if know SID
I thought I could do this with just dsquery, but I'm having trouble doing this. Is there a way to find the user account that matches a particular SID if I know the SID?
Chris Flesher
