PowerShell - Resolve-Identity

The Resolve-Identity function takes an identity name or security identifier (SID) and gets its canonical representation. It returns a Carbon.Identity object, which contains the following information about the identity:

Domain - the domain the user was found in
FullName - the users full name, e.g. Domain\Name
Name - the user's username or the group's name
Type - the Sid type.
Sid - the account's security identifier as a System.Security.Principal.SecurityIdentifier object.

The common name for an account is not always the canonical name used by the operating system. For example, the local Administrators group is actually called BUILTIN\Administrators. This function uses the LookupAccountName and LookupAccountSid Windows functions to resolve an account name or security identifier into its domain, name, full name, SID, and SID type.

You may pass a System.Security.Principal.SecurityIdentifer, a SID in SDDL form (as a string), or a SID in binary form (a byte array) as the value to the SID parameter. You'll get an error and nothing returned if the SDDL or byte array SID are invalid.

If the name or security identifier doesn't represent an actual user or group, an error is written and nothing is returned.

Related Commands

Parameters

Return Values

EXAMPLE 1

EXAMPLE 2

EXAMPLE 3

Name	Type	Description	Required?	Pipeline Input	Default Value
Name	String	The name of the identity to return.	true	false
SID	Object	The SID of the identity to return. Accepts a SID in SDDL form as a `string`, a `System.Security.Principal.SecurityIdentifier` object, or a SID in binary form as an array of bytes.	true	false

Demonstrates that you can pass a SecurityIdentifier object as the value of the SID parameter.

EXAMPLE 4

Demonstrates that you can use a byte array that represents a SID as the value of the SID parameter.

Resolve-Identity

Syntax