Get User SID in SharePoint using PowerShell
What is SID?
Security identifier (SID) is the primary key for security principals such as user, computer, group, etc in an Active Directory. The Active Directory generates the SID that identifies a particular object and the SID is unique to a domain. In active directory, users are referred by the account name, but the operating system internally refers to account by their SIDs.
SharePoint relies on this unique, immutable identifier, as any other attribute can be renamed. Services like user profile sync use SID to sync information from AD to SharePoint.
Get User SID in SharePoint using PowerShell
To check user SID in SharePoint, use this PowerShell script:
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
#config Variables
$SiteURL="https://opera.crescent.com"
$UserAccount = "crescent\salaudeen"
#Get the Web and User Objects
$Web = Get-SPWeb $SiteURL
$User = $web.EnsureUser($UserAccount)
#Get the SID
Write-host "SID of the User:"$User.Sid
This PowerShell gets user SID in SharePoint.
Get User by SID in SharePoint:
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
#Variables
$SiteURL="https://intranet.crescent.com"
$UserSID = "S-1-5-21-3173304932-3636910964-1439844995-11231"
#Get the User by SID
Get-SPUser -Web $SiteURL -limit All | where {$_.Sid -eq $UserSID} | Select UserLogin, DisplayName
If you have an Active Directory module for PowerShell installed, you can query the SID of a user object as:
Import-Module ActiveDirectory
Get-ADUser "salaudeen" | Select Name, UserPrincipalName, SID
How to update user SID in SharePoint?
If you delete and recreate a user account, SID changes! So got to map the user account with an existing one using the Move-SPUser cmdlet.
$SiteURL = "https://intranet.crescent.com"
$Web = Get-SPWeb $SiteURL
$User = $Web.SiteUsers["Crescent\joe"]
Move-SPUser -Identity $User -NewAlias "Crescent\joe.federer" -IgnoreSID
This maps a new SID with an existing user account in SharePoint.