2

How to get active session user SID? (it is current user session)

I can do this using CMD command:

for /f "tokens=2-4" %a in ('qwinsta') do @if "%c"=="Active" wmic useraccount where name='%a' get sid

Maybe someone can tell me how to do same with VBScript?

By "current user" I mean "the account that started the script before UAC made me enter Admin credentials".

Ansgar Wiechers
  • 193,178
  • 25
  • 254
  • 328
Bublik
  • 912
  • 5
  • 15
  • 30

2 Answers2

2

Give a try for this vbscript :

Option Explicit
Dim strUser
strUser = CreateObject("WScript.Network").UserName
Wscript.echo "The SID of this username " & strUser & " is :" &_
vbcr & GetSIDFromUser(strUser)
'******************************************************************
Function GetSIDFromUser(UserName)
  Dim DomainName, Result, WMIUser
  If InStr(UserName, "\") > 0 Then
    DomainName = Mid(UserName, 1, InStr(UserName, "\") - 1)
    UserName = Mid(UserName, InStr(UserName, "\") + 1)
  Else
    DomainName = CreateObject("WScript.Network").UserDomain
  End If
  On Error Resume Next
  Set WMIUser = GetObject("winmgmts:{impersonationlevel=impersonate}!" _
    & "/root/cimv2:Win32_UserAccount.Domain='" & DomainName & "'" _
    & ",Name='" & UserName & "'")
  If Err.Number = 0 Then
    Result = WMIUser.SID
  Else
    Result = ""
  End If
  On Error GoTo 0
  GetSIDFromUser = Result
End Function
'******************************************************************

NB : I got it from this link How to find out logged on users SID with VBScript?

Hackoo
  • 18,337
  • 3
  • 40
  • 70
  • Thank you for response, Ths script works, almost, problem is when I run it as a administrator, It returns me `admin SID` I would like to get current user from which I call this script, despite `run as administrator` – Bublik Sep 06 '16 at 14:29
  • I know, that is why I asking for help, for example my `cmd` command does the trick. – Bublik Sep 06 '16 at 14:32
  • @Bublik You can find out the SID of any user with this function, just call it with a different `UserName` parameter – Tomalak Sep 06 '16 at 14:32
  • yes, but I need to get current user name, despite `run as administrator` – Bublik Sep 06 '16 at 14:34
  • 1
    Define "current user". – Tomalak Sep 06 '16 at 14:35
  • how? i can run this script from any user on machine? – Bublik Sep 06 '16 at 14:36
  • 2
    I know that by "current user" you mean "The account that started the script before UAC made me enter Admin credentials". But from the perspective of the script it's a different matter. It does not know that it runs as Admin because of UAC, and it does not know that it was one of the other users logged into this PC that caused this to happen. All it knows is that it runs as Admin. If you want context information, you must provide it explicitly - for example by calling the script with a command line parameter that contains the username you are interested in. – Tomalak Sep 06 '16 at 14:41
  • 3
    Check the [owner](https://msdn.microsoft.com/en-us/library/aa390460%28v=vs.85%29.aspx) of the `explorer.exe` process. – Ansgar Wiechers Sep 06 '16 at 22:09
0

Get SID for current logged in domain user

Run the command whoami /user from command line to get the SID for the logged in user.

Example:

c:\>whoami /user
USER INFORMATION
----------------
User Name      SID
============== ==============================================
mydomain\wincmd S-1-5-21-7375663-6890924511-1272660413-2944159
c:\>

And you can do something like that with a batch file :

@ECHO OFF
SETLOCAL enabledelayedexpansion
for /f "skip=1 tokens=1,2 delims=," %%a in ('Whoami /user /FO CSV') do ( 
    set "UserName=%%a"
    set "SID=%%b"
    echo The username logged is : !Username!
    echo.
    echo And its SID = !SID!
)
pause
exit
Hackoo
  • 18,337
  • 3
  • 40
  • 70