get SID for all users in AD

Question

I would like to pull all our users SID from Active directory.
I was able to pull distinguishedname,samaccountname,givenname etc, but I cannot pull SID from user property.
it returns blank.
function ADQuery($filter, $props)
{
$domain = New-Object System.DirectoryServices.DirectoryEntry
$search = New-Object System.DirectoryServices.DirectorySearcher
$search.SearchRoot = $domain
$search.PageSize = 10000
$search.Filter = $filter
$search.SearchScope = "Subtree"
return $search.FindAll()
}

function GetADUsers()
{
$filter = '(&(objectCategory=user)(sAMAccountName=)(sAMAccountType=)(employeeID=H*))'

$props = @("sn", "givenname",  "samaccountname", "userprincipalname","sid" ,"email","employeeid", "distinguishedname", "title" )

$results = AdQuery $filter $props    
$outRowsRows  = @()
foreach ($result in $results)
{
    $item = $result.Properties;          
    $dn = $item.distinguishedname
    $employeeid = $item.employeeid
    $username = $item.samaccountname
    $username = $username -replace ",", " "
    $sid=$item.objectSid
    write-host "this is the sid:$sid"
     write-host $item.SID

....

could anyone help? thanks

Answer 1

Hello @Anne

You can extract all the SIDs in a specific domain using:

Get-ADUser -Filter * -SearchBase "dc=domain,dc=local" | select Name,SID

Hope this helps with your query,

--
--If the reply is helpful, please Upvote and Accept as answer--

Answer 2

The property name, I think, should be objectSID.

Also, why are you using "ADquery" instead of the PowerShell Get-ADUser?

Answer 3

I got an easier one:
(Get-ADUser myusername).SID.value