A SID or a Security Identifier is a unique code that helps identify any user or group and computer accounts across Windows Operating Systems. They are created as soon as a user account is created and being the unique identifiers, no two SIDs are the same on a common computer, ever. It is also referred to as a Security ID. This unique identification is used internally in the operating system instead of displaying names that we set like, Personal, Dad or anything else. This also means that, even if you change your display name, it will not affect anything pre-configured for that account as every configuration is tied up to the SID, which remains constant even when you change your display name or even your username.
SIDs are crucial to systems because every user account is associated with an unchangeable alphanumeric character string. Any changes to the username will not affect the user’s access to the system resources, and in case if you delete a username and later someone tries to create an account with your old username, it’s impossible to regain access to the resources as the SIDs are always unique to every username and in this case it isn’t the same.
Find Security Identifier (SID) of any User in Windows 11/10
Let us see how to find the Security Identifier (SID) of any User in Windows 11/10.
1] Using WMIC
Finding a user’s SID or Security Identifier is really easy. We must use the Windows Management Instrumentation Command Line (WMIC) to do this.
So first of all, start by, opening the Command Prompt. You can do this by searching for Command Prompt in the Cortana Search Box. Or if you are using Windows 8 or newer, hit the WINKEY + X button combination to launch a context menu on the Start Button and click on Command Prompt (Admin).
Now, type in the following command,
wmic useraccount get name,sid
And then hit the Enter key.
Now you will get results like in the screen snippet below. You will get the User Account with the SID of the same.
Filtering out SID for your desired user
Readers who are used to be using SQL queries might relate to this. But this command helps the user to get SID of a particular user and ignore all the hassle. This is most useful when a large system (like a server) is logged in and used simultaneously by multiple users, this command will save a lot of your time. But will only work if you know the username of the user.
Now, the command you are gonna use is-
wmic useraccount where name="USER" get sid
Now, you have to replace USER with the actual username of the user inside the quotes in the command above.
For example, it should be like-
wmic useraccount where name="Ayush" get sid
In case, you get an error while using the command above, try changing the path to C:\Windows|System32|wbem instead of C:\Windows\System32\
The result of the above command would look something like this,
2] Using Whoami
Find SID of Current User using Command Prompt or PowerShell
Open a PowerShell/CMD window and type the following command:
whoami/user
Press Enter.
Another way to find SID of a Current user is using the command wmic useraccount as below
Open a PowerShell/CMD window and type the following command:
wmic useraccount where name='%username%' get domain,name,sid
Press Enter.
Find SID of All Users using Command Prompt or PowerShell
Open a Command Prompt/PowerShell window and type the following command:
wmic useraccount get domain,name,sid
Press Enter.
Find SID of a Specific User using CommandPrompt or PowerShell
Open a Command Prompt/PowerShell and type the following command:
wmic useraccount where name='username' get sid
Give the actual name of the user in place of username in the above command.
Press Enter.
Find Username of SID using Command Prompt or PowerShell
Open a Command Prompt/PowerShell and type the following command
wmic useraccount where sid='<sid>' get domain,name
Give the actual SID value in place of <sid> in the above command.
Press Enter.
3] Use PowerShell
Another way to find SID of all user is using the command Get-WmiObject in the PowerShell.
Open PowerShell and type the following command:
Get-WmiObject win32_useraccount | Select domain,name,sid
Press Enter.
4] Using the Registry Editor
Here, start by opening the Registry Editor. You can do it by searching for it in the Cortana Search box or just hit WINKEY + R combination to launch start and type in regedit and then hit Enter.
Once you have opened the Registry Editor, navigate to the following path,
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
Now, inside the ProfileImagePath values for each SID under the folder of ProfileList, you can find the desired SIDs and other details like Usernames. The page would look similar to this screen snippet below.
It is worth noting that you can find the SIDs for the users who are already logged in to the computer. Either they should be accessing their account remotely or their account should be logged in and then switched to another user on whose account this activity is being done. This is the only drawback of this method but the Method 1 of using WMIC, it is not an issue at all.
Identifying SIDs
A SID in the format of S-1-0-0 is called as a Null SID. It is assigned to a SID when its value is unknown or it is assigned to a group without any members.
Also, a SID in the format of S-1-1-0 is a World SID. It is assigned to a group of every user.
Finally, a SID in the format of S-1-2-0 is called as a Local SID. It is assigned to a user who is supposed to be logged in from a local terminal.
You can learn more about these System Identifiers here on Microsoft Developer Network.
With inputs from Pavithra Bhat
