Hey Everyone,
A while back i needed a way to easily look up Group or User SID's for ad users. I needed to do this in a repetitive way where i could over and over look up individual SID's and just keep a Powershell window open on the side for when i wanted to do it, i could literally just paste in the username and hit enter and then boom, here's your SID !
I knocked up this script within about 20 mins that allows me to do it without having to remember any commands or import any Powershell modules.
It was handy for me a while back when i was working on a project so maybe it will be useful for someone else too.
#start
write-output "
=================================================================
Welcome to the EASYGETSID script
By Luke Varley - www.phishandchips.dev
This script will prompt you for all the information required to
Get the sid of a taget user group or account name.
The Script will loop so you can look up multiple accounts.
=================================================================
"
Import-module activedirectory
#declare script
Function EASYSID{
#gather info
Write-Output "Specify if you want to get a user or a group sid"
$GroupOrUser = Read-Host -Prompt "Enter 1 for User or 2 for Group"
$Target = Read-Host -Prompt "Input The name of the user or group you want the sid for"
#new line
write-host "";
write-host "";
#if user display info
if ($GroupOrUser -eq 1) {
get-aduser -identity $Target
}
else {
#if group display info
if ($GroupOrUser -eq 2) {
get-adgroup -identity $Target
}
else {
#if anything else show error and loop function
Write-Output "INVALID, Enter 1 for user or 2 for group"
EASYSID
}
}
#new line and exit reminder
Write-Host "";
Write-Host "";
Write-Output "Press CRTL-C to exit"
Pause
#start loop function
EASYSID
}
EASYSID
#end script
No comments:
Post a Comment