更新
我尝试了whoami /all | Select-String -Pattern 'SID'但它只获取"SID"字符串而不是它的值。有什么建议吗?
whoami的问题在于它只是返回一个行数组,然后你必须自己分析。你一定要使用whoami吗?有更方便的方法来查找 SID。例如:
(New-Object System.Security.Principal.NTAccount($env:username)).Translate([System.Security.Principal.SecurityIdentifier]).value
如果你必须使用whoami,这对我有用...但是一旦输出与预期不符,它可能会失败:
$data = whoami /all
foreach ($line in $data){
if ($line -match "SID"){ #search for the first occurence of "SID"
[int]$index = $data.indexof($line) + 2 #skip title + delimiter
break
}
}
write-host "username: $($data[$index].split(' ')[0])"
write-host "SID: $($data[$index].split(' ')[1])"
更多 WMI 选项:
get-ciminstance win32_useraccount | select name,sid
get-ciminstance win32_userprofile | select localpath,sid
get-localuser | select name,sid
要从whoami /all的输出中解析所有用户和组,下面的代码应该可以工作。
它返回一个属性为Name、SID和Type("用户"或"组"(的[PsCustomObjects]数组。
如果需要,您可以将其另存为CSV文件。
$type = ''
$result = (whoami /all) | ForEach-Object {
switch -Regex ($_) {
'^Users?Name' { $type = 'User' ; break }
'^Groups?Name' { $type = 'Group'; break }
'^s*$' { $type = '' ; break}
'^=+' { $width = $_ -split ' ' ; break }
default {
if ($type -eq 'User') {
$sidStart = $width[0].Length + 1
[PsCustomObject]@{
'Name' = $_.Substring(0, $width[0].Length).Trim()
'SID' = $_.Substring($sidStart, $width[1].Length).Trim()
'Type' = $type
}
}
elseif ($type -eq 'Group') {
$sidStart = $width[0].Length + $width[1].Length + 2
[PsCustomObject]@{
'Name' = $_.Substring(0, $width[0].Length).Trim()
'SID' = $_.Substring($sidStart, $width[2].Length).Trim()
'Type' = $type
}
}
}
}
}
# output on screen
$result | Format-Table -AutoSize
# output to CSV file
$result | Export-Csv -Path 'UsersAndSids.csv' -NoTypeInformation
更新
该whoami还有一个开关/FO CSV,其输出采用 CSV 格式,用户和组数据之间有空行。不幸的是,此输出也是本地化的。
但是,使用计算属性,可以用英语返回属性名称。
该方法的代码,为了在函数中方便起见:
function Parse-WhoAmI {
$nl = [Environment]::NewLine
# join the array with newlines and split into two blocks on the empty line
# the first block contains User info; the second block is for the groups
$data = ((whoami /ALL /FO CSV) -join $nl) -split "$nl$nl" | Select-Object -First 2
# output the user data with English column names
$userdata = $data[0] | ConvertFrom-Csv
$headers = $userdata[0].PSObject.Properties.Name # get the localized header names
$userdata | Select-Object @{Name = 'Name'; Expression = { $_.$($headers[0]) }},
@{Name = 'SID'; Expression = { $_.$($headers[1]) }},
@{Name = 'Type'; Expression = { 'User' }}
# do the same for the Groups block
$groupdata = $data[1] | ConvertFrom-Csv
$headers = $groupdata[0].PSObject.Properties.Name
$groupdata | Select-Object @{Name = 'Name'; Expression = { $_.$($headers[0]) }},
@{Name = 'SID'; Expression = { $_.$($headers[2]) }},
@{Name = 'Type'; Expression = { 'Group' }}
}
# call the function
$result = Parse-WhoAmI
# output on screen
$result | Format-Table -AutoSize
# output to CSV file
$result | Export-Csv -Path 'UsersAndSids.csv' -NoTypeInformation
您可以使用 wmi 执行此操作:
Get-WMIobject -Query "Select SID From Win32_UserAccount" | Foreach {Write-Host $_.SID}
试试这个
[System.Security.Principal.WindowsIdentity]::GetCurrent().Groups.Value