Do you remember SIDWALK? This resource kit utility was written back in the NT 4.0 days to assist with domain migrations. It used a mapping file to rewrite old SIDs with new SIDs across ACLs. That utility is a teenager now. It's time we rewrite it... in PowerShell. In part one of this series we will learn how to parse SIDs out of SDDL that we receive from Get-ACL.
Recently Microsoft's legal department asked me to remind you that, yes, I do work for Microsoft. As such we have many disclaimers that you should be aware of when referencing content from this blog or using scripts posted on this blog.