Can I capture a registry key that contains this information?
If anyone can help, I'd appreciate it.

Thanks.

Paul P.

Here's the steps:

1) Get yourself a Windows 2K or Windows XP box and login as Domain Admin.

2) Download this zip file from Microsoft. It's the ADSI SDK. We only want one DLL in there called adssecurity.dll

ADSI SDKp

Extract the one dll into a folder somewhere (system32 would be good) and run this:

regsvr32 addsecurity.dll

you should get a messagebox saying component registered ok.

3) Download this script using wordpad and run it. It should display all the user's in your domain and their SID's

4) Change "user" to "computer" and give it a go - luck !

break on

$adssid = createobject("adssid")

$domain = getobject("WinNT://@LDOMAIN")

; Filter for just users [change to computer]...

$domain.filter = "user",""

; For each object, lookup sid ...

for each $object in $domain

 $adssid.setas(5,$object.adspath)

 ? $object.name " = " $adssid.getas(1)

next

exit 1

-Shawn

-Shawn

LLigetfa:
I need to do this for 500 machines. Going to each machine to run a utility is not an option.
Thanks anyway.

Microsoft NDTSutil

Yeah, it should run fine. We're using the backward compatible WinNT service provider that works in an NT domain. All you need to run the script is a Windows 2K or XP workstation and the reskit dll registered... give it a shot ...

-Shawn

Will Hetrick:
That'd work great if I had 2000 AD.
Thanks anyway.