JSI Tip 5345. How can I get a user's SID in a batch file?

A user's Security IDentifier (SID) is assigned during account creation and does NOT change, even if you rename the user. The SID is used internally in all places where the user must be identified, as in profile storage, and ACLs (Access Control Lists).Using the public domain GETSID.EXE, I have scripted UserSID.bat. The syntax for using UserSID.bat is:

call usersid \computername UserName

where:

\ComputerName is either a domain controller, if you want the domain SID, or the local workstation, if the UserName is local.

UserName is the User Account whose SID you want.

UserSID.bat returns the SID in the sid environment variable, %sid%.

NOTE: UserSID.bat will NOT work if the UserName contains spaces.

UserSID.bat contains:

@echo off
set sid=
If {%2}=={} goto syntax
if not exist %1c$ goto syntax
for /f "Skip=2 Tokens=7" %%i in ('getsid %1 %2 %1 %2') do set sid=%%i
goto :EOF
:syntax
@echo Syntax call UserSID \DC_or_Local UserName