如何从 SQL Server 存储的 SID 中获取 Active Directory 组名称?
这是我今天早上早些时候问的一个问题的后续(在此处发布.)按照提供的说明,我已设法在我的 SQL Server 2000 数据库中查询与广告集团.但是,SID 看起来像这样:
This is a follow-up of a question I asked earlier this morning (posted here.) Following the instructions provided, I've managed to query my SQL Server 2000 database for a SID associated with an AD Group. The SID, however, looks like this:
0x0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567
如何获取 SID 引用的 AD 组的名称?我试过谷歌搜索 PowerShell 脚本,但是,他们的大多数 SID 示例如下所示:
What can I do to obtain the name of the AD Group referenced by the SID? I've tried googling PowerShell scripts, however, most of their examples of SIDs look like this:
S-1-5-21-1454471165-1004335555-1606985555-5555
显然,这看起来不像我从 SQL Server 获得的值.我该怎么做?
Obviously, that doesn't look like the value I'm getting back from the SQL Server. How can I do this?
推荐答案
如果您使用的 sqlps(SQL Powershell 主机)适用于 SQL 2000(我已经在我的 2000 实例上测试过),您可以使用:
If you're using sqlps (SQL Powershell host) which works against SQL 2000 (I've tested this on my 2000 instance) you can use this:
$query = @"
select sid from syslogins where isntgroup = 1
AND name = 'CONTOSOmylogin'
"@
invoke-sqlcmd -ServerInstance "myserver" -Database master -Query $query |
foreach {$SID = new-object security.principal.securityidentifier($_.SID,0); $SID.translate([system.security.principal.NTAccount]) }
相关文章