by oising
20. August 2007 21:50
Another answer I posted to the NG, and not all that hard once you know the right classes to use from the BCL. But if you didn't know where to look, I can imagine it being a royal pain in the ass.
--- begin ConvertTo-Sid.ps1 ---
param ($account = $(throw "need account in form domain\username or
[ntaccount] object"))
if ($account -is [security.principal.ntaccount]) {
$ntaccount = $account
} else {
$ntaccount = new-object security.principal.ntaccount $account
}
$ntaccount.translate( [security.principal.securityidentifier] )
-- end ConvertTo-Sid.ps1 ---
and the reverse:
--- begin ConvertTo-NTAccount.ps1 ---
param ($sid = $(throw "need sid string or [securityidentifier] object"))
if ($sid -is [security.principal.securityidentifier]) {
$securityidentifier = $sid
} else {
$securityidentifier = new-object security.principal.securityidentifier $sid
}
$securityidentifier.translate( [security.principal.ntaccount] )
--- end ConvertTo-NTAccount.ps1 ---
You can pass strings as args, or their respective native objects. They both output objects. The output of one can be used as the input of the other.