Get Sid Script not working

Windows 2012 AD

Trying to find the Account for the SID

$SID = ‘S-1-5-21-3054588571-1341459584-784128302-1110’
$objSID = New-Object System.Security.Principal.SecurityIdentifier($SID)
$objUser = $objSID.Translate([System.Security.Principal.NTAccount])
Write-Host "Resolved user name: " $objUser.Value

PS C:\util> $SID = ‘S-1-5-21-3054588571-1341459584-784128302-1110’
PS C:\util> $sid
PS C:\util> $objSID = New-Object System.Security.Principal.SecurityIdentifier($SID)
PS C:\util> $objUser = $objSID.Translate([System.Security.Principal.NTAccount])
Exception calling “Translate” with “1” argument(s): “Some or all identity references could not be translated.”
At line:1 char:1

  • $objUser = $objSID.Translate([System.Security.Principal.NTAccount])
  •   + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
      + FullyQualifiedErrorId : IdentityNotMappedException

PS C:\util> Write-Host "Resolved user name: " $objUser.Value
Resolved user name:
PS C:\util>

Any ideas?

Thank you


If you note the + FullyQualifiedErrorId : IdentityNotMappedException, the SID can’t be mapped to a known identity. This error will happen if the AD object doesn’t exist (now orphaned) and therefore cannot be mapped, or if for some reason the DC can’t be connected to.