Get User SID in SharePoint using PowerShell

What is SID ?
Security identifier (SID) is the primary key for security principals such as user, computer, group, etc in an Active Directory. The Active Directory generates the SID that identifies a particular object and the SID is unique to a domain. In active directory, users are referred by the account name, but the operating system internally refers to account by their SIDs.
SharePoint relies on this unique, immutable identifier, as any other attribute can be renamed. Services like user profile sync uses SID to sync information from AD to SharePoint.

Get User SID in SharePoint using PowerShell:
To check user SID in SharePoint, use this PowerShell script
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

#config Variables
$UserAccount = "crescent\salaudeen"

#Get the Web and User Objects
$Web = Get-SPWeb $SiteURL
$User = $web.EnsureUser($UserAccount)

#Get the SID
Write-host "SID of the User:"$User.Sid
This PowerShell gets user SID in SharePoint.

Get User by SID in SharePoint:
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$UserSID = "S-1-5-21-3173304932-3636910964-1439844995-11231"

#Get the User by SID
Get-SPUser -Web $SiteURL -limit All | where {$_.Sid -eq $UserSID} | Select UserLogin, DisplayName

If you have Active directory module for  PowerShell installed, you can query SID of a user object as:
Import-Module ActiveDirectory

Get-ADUser "salaudeen" | Select Name, UserPrincipalName, SID

How to update user SID in SharePoint
If you delete and recreate a user account, SID changes! So got to map the user account with an existing one using Move-SPUser cmdlet
$SiteURL = ""
$Web = Get-SPWeb $SiteURL
$User = $Web.SiteUsers["Crescent\joe"]
Move-SPUser -Identity $User -NewAlias "Crescent\joe.federer" -IgnoreSID
This maps new SID with an existing user account in SharePoint.

No comments:

Please Login and comment to get your questions answered!

Powered by Blogger.