Jenney Zhao


获得user account的SID,GUID

1. 背景知识

When a new domain user or group account is created, Active Directory stores the account's SID in the Object-SID (objectSID) property of a User or Group object. It also assigns the new object a globally unique identifier (GUID), which is a 128-bit value that is unique not only in the enterprise but also across the world. GUIDs are assigned to every object created by Active Directory, not just User and Group objects. Each object's GUID is stored in its Object-GUID (objectGUID) property. When an object is assigned a GUID, it keeps that value for life. However, SIDs can sometimes change. The SID for a Group object won't change. 详见

2. 获得SID

a. command: wmic useraccount get name,sid 或 wmic useraccount list brief

b. 查看注册表 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

3. 获得GUID

(using C#)

类名: System.DirectoryServices.DirectoryEntry

属性: NativeGuid








posted on 2013-01-04 17:46  Jenney Zhao  阅读(539)  评论(0编辑  收藏  举报