Resolve-IdentityName

Determines the full, NT identity name for a user or group.

Syntax

Resolve-IdentityName [-Name] <String> [<CommonParameters>]
Resolve-IdentityName -SID <Object> [<CommonParameters>]

Description

Resolve-IdentityName resolves a user/group name into its full, canonical name, used by the operating system. For example, the local Administrators group is actually called BUILTIN\Administrators. With a canonical username, you can unambiguously compare principals on objects that contain user/group information.

If unable to resolve a name into an identity, Resolve-IdentityName returns nothing.

If you want to get full identity information (domain, type, sid, etc.), use Resolve-Identity.

In Carbon 2.0, you can also resolve a SID into its identity name. The SID parameter accepts a SID in SDDL form as a string, a System.Security.Principal.SecurityIdentifier object, or a SID in binary form as an array of bytes. If the SID no longer maps to an active account, you'll get the original SID in SDDL form (as a string) returned to you.

Related Commands

Parameters

Name Type Description Required? Pipeline Input Default Value
Name String

The name of the identity to return.

true false
SID Object

Get an identity's name from its SID. Accepts a SID in SDDL form as a string, a System.Security.Principal.SecurityIdentifier object, or a SID in binary form as an array of bytes.

This parameter is new in Carbon 2.0.

true false

Return Values

string.

EXAMPLE 1

Resolve-IdentityName -Name 'Administrators'

Returns BUILTIN\Administrators, the canonical name for the local Administrators group.