<#-----------------------------------------------------------------------------
Get-SIDHistory.ps1
Ashley McGlone, Microsoft PFE
http://blogs.technet.com/b/ashleymcglone
May, 2011

This script queries Active Directory for SID history in order to build a SID
mapping file for use with the ADMT to do security translation, especially in
situations where the ADMT database has been lost. In addition to the mapping
file it also generates a full SID history report for viewing in Excel.

This script must be run from a machine that has the Active Directory module
for PowerShell installed (i.e. Windows 7 with RSAT or Windows Server 2008 R2).
You must also have either a Windows Server 2008 R2 domain controller, or an
older domain controller with the Active Directory Management Gateway Service
(AD Web Service) installed. For more information on ADWS see:
http://blogs.technet.com/b/ashleymcglone/archive/2011/03/17/step-by-step-how-to-use-active-directory-powershell-cmdlets-against-2003-domain-controllers.aspx
-----------------------------------------------------------------------------#>

Import-Module ActiveDirectory

#Query SID history, current SID, and related fields from AD
$ADQuery = Get-ADObject -LDAPFilter "(sIDHistory=*)" -Property objectClass, `
    samAccountName, DisplayName, objectSid, sIDHistory, distinguishedname

#Create a full SID History report file for reference in Excel
$ADQuery |
    Select-Object * -ExpandProperty sIDHistory |
    Select-Object objectClass, @{name="OldSID";expression={$_.Value}}, `
    @{name="NewSID";expression={$_.objectSID}}, samAccountName, DisplayName, `
    DistinguishedName |
    Export-CSV SIDReport.csv -NoTypeInformation

#Create a SID Mapping text file for use with ADMT
Get-ADObject -LDAPFilter "(sIDHistory=*)" -Property objectSID, sIDHistory |
    Select-Object * -ExpandProperty sIDHistory |
    Select-Object @{name="OldSID";expression={$_.Value}}, `
    @{name="NewSID";expression={$_.objectSID}} |
    Export-CSV SIDMap0.csv -NoTypeInformation

#Peel out the quotes from the mapping file, because ADMT does not like those.
Get-Content .\SIDMap0.csv |
    ForEach-Object {$_.Replace("`"","")} |
    Set-Content .\SIDMap.csv
Remove-Item .\SIDMap0.csv

"Output complete:"
"SIDReport.csv - full SID History report for reference in Excel"
"SIDMap.csv - file for use with ADMT to do security translation"

# ><>