It is important in an Active Directory context and to maintain Microsoft support to deploy client workstations and servers with unique SIDs (with SYSPREP tool in the case of cloning).
There are two cases of SID:
- AD servers have a common SID which is the domain SID
- Servers that are members of an AD or that are in Workgroup have their own SID
To read this SID, it is simple to use a VBS script and WMI access.
An example script is shown below. It works on AD servers and non-AD servers.
2. Sample VBS script
Link to download the script (to rename to .vbs): https://admin365.fr/download/sid.vbs.txt
strComputer = “.”
Set objWMIService = GetObject(“winmgmts:\” & strComputer & “\root\CIMV2”)
isADInstalled = FALSE
Set objOutParams = objWMIService.ExecQuery(“SELECT * from Win32_Service”)
For Each objSvc in objOutParams
Select Case objSvc.Name
isADInstalled = TRUE
Set oShell = CreateObject( “WScript.Shell” )
strComputer = oShell.ExpandEnvironmentStrings(“%COMPUTERNAME%”)
If isADInstalled = True then
strDomain = oShell.ExpandEnvironmentStrings(“%USERDOMAIN%”)
strDomain = strComputer
Set objWMIService = GetObject(“winmgmts:\” & strComputer & “\root\cimv2”)
Set colAccounts = objWMIService.ExecQuery(“Select * From Win32_UserAccount Where Domain = ‘” & StrDomain & “‘”)
For Each objAccount in colAccounts
If Left (objAccount.SID, 6) = “S-1-5-” and Right(objAccount.SID, 4) = “-500” Then
WScript.Echo “Computer Name: ” & strComputer
If strDomain <> strComputer then WScript.Echo “Domain Name: ” & strDomain
WScript.Echo “Computer SID: ” & Left(objAccount.SID, Len(objAccount.SID) – 4)
To run this script, you need to open a command line as administrator and run it with the script.exe program.
Example on a Windows 2019 machine which is a Domain Controler:
Example on a Windows 2019 machine that is not an AD server: