Thursday, June 20, 2024

Determine Local SID via PowerShell

I recently needed to verify that SYSPREP had been run on a few servers. You can download a utility PSGETSID to do this, but I didn't want to introduce an external utility to the servers.

I found the following PowerShell code to get the SID of the local Administrator account. 

$u = New-Object System.Security.Principal.NTAccount('administrator')
$SID = $u.Translate([System.Security.Principal.SecurityIdentifier])
$sid.Value

This returns a SID with -500 on the end. If you ignore the -500, the SID is the SID of the local machine. If this is unique, you know that SYSPREP was used.

You can also look for the CloneTag value in HKLM:\SYSTEM\Setup. This contains the time when SYSPREP was run. However, I prefer to see the unique SID.


More info about using SYSPREP:

Posted by at

11 comments:

  1. varshakushDecember 20, 2024 at 11:10 PM

    "This is very useful! I’ve been looking for a way to check the SID without external tools. Thanks for sharing!"
    Warehouse Storage rack
    mezzanine floor Supplier

    ReplyDelete
  2. abhayDecember 20, 2024 at 11:18 PM

    "PowerShell continues to amaze me with its capabilities. Great tip for keeping things streamlined!"
    mobile compactor Supplier
    fifo flow rack India

    ReplyDelete
  3. AkankshaDecember 20, 2024 at 11:19 PM

    "Can this method be used to get SIDs of other local accounts as well, or is it specific to the Administrator account?"
    heavy duty rack
    Multi tier rack supplier

    ReplyDelete
  4. amanDecember 20, 2024 at 11:20 PM

    "I appreciate the focus on avoiding external utilities. It's always better to rely on built-in tools when possible."
    Fabric Roll Racks Manufacturer
    Warehouse mezzzanine floor supplier

    ReplyDelete
  5. BhanuDecember 20, 2024 at 11:21 PM

    "This will definitely come in handy for post-SYSPREP verification. Thanks for simplifying the process!"
    Slotted Angle rack delhii
    Modular Mezzanine floor delhi

    ReplyDelete
  6. Techno worldsDecember 20, 2024 at 11:22 PM

    "It’s interesting how much PowerShell can accomplish with just a few lines of code. Great find!"
    pallet rack in delhi
    mezzanine floor in hyderabad

    ReplyDelete
  7. gautamDecember 20, 2024 at 11:23 PM

    "This article is a lifesaver for admins trying to maintain security and reduce dependencies on external tools."
    Pallet Rack manufacturer
    Heavy Duty Storage Rack delhi

    ReplyDelete
  8. getindustrialproductsDecember 20, 2024 at 11:24 PM

    "Would you recommend this method for a large-scale audit, or is it better suited for individual checks?"
    warehouse storage rack India
    Shrink Packing machine supplier

    ReplyDelete
  9. kajalDecember 20, 2024 at 11:26 PM

    "Great insight! I wonder if this can be automated for multiple servers in a network."
    Shrink wrapping machine India
    Box Wrapping machine manufacturer

    ReplyDelete
  10. karishmaDecember 20, 2024 at 11:26 PM

    "Thanks for sharing the script! It’s nice to have a quick solution for verifying SYSPREP execution."
    Strapping machine manufacturer
    Franchise India Expo

    ReplyDelete
  11. muskanDecember 20, 2024 at 11:27 PM

    "This approach not only saves time but also keeps the server environment clean from unnecessary utilities. Good job!"
    Warehouse Storage rack manufacturer
    mezzanine floor

    ReplyDelete

Subscribe to: Post Comments (Atom)