MarkBaggett / srum-dump

A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.
GNU General Public License v3.0
596 stars 96 forks

Suggestion - SID resolution #17

Closed ItsPaPPy closed 5 years ago

ItsPaPPy commented 5 years ago

It would be nice to resolve the SID prior to outputting the data.

But I hear doing so can be dangerous in PKI situations where the UPN is an external namespace (like the DoD), as it generates network traffic but also targets the PDC-E role, which is single-homed by design. WMI's Win32_UserAccount SID resolver will hit the PDC-E, so I'm not sure if there is a good way around doing this; maybe allow it as a configurable/opt-in option.

MarkBaggett commented 5 years ago

If the accounts are local then the SOFTWARE registry hive is used to resolve SIDs. No network resolution is done at this time.

Mark

On Apr 15, 2019, at 10:25 AM, ItsPaPPy notifications@github.com wrote:
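Offline SID resolution of the kind Mark describes, as an added example that is not srum-dump's own code: it assumes the standard binary SID layout (revision byte, sub-authority count byte, 48-bit big-endian identifier authority, then 32-bit little-endian sub-authorities) and a SID-to-ProfileImagePath map of the sort an offline hive parser would read from the SOFTWARE hive's `Microsoft\Windows NT\CurrentVersion\ProfileList` key. The map and the SRUM-style binary SID below are constructed sample data, not read from a real hive or database. Well-known service SIDs come from a fixed table, and a SID that matches neither is returned unchanged rather than sent to a domain controller, which is the behaviour the thread is asking for.

```python
import struct

# Well-known service SIDs that do appear in SRUM but have no ProfileList entry.
WELL_KNOWN_SIDS = {
    "S-1-5-18": "NT AUTHORITY\\SYSTEM",
    "S-1-5-19": "NT AUTHORITY\\LOCAL SERVICE",
    "S-1-5-20": "NT AUTHORITY\\NETWORK SERVICE",
}

# Constructed stand-in for the ProfileList key: SID -> ProfileImagePath.
# A real parser would read the sub-keys of
# SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList from an offline hive.
SAMPLE_PROFILE_LIST = {
    "S-1-5-21-1111111111-2222222222-3333333333-1001": "C:\\Users\\alice",
    "S-1-5-21-1111111111-2222222222-3333333333-1002": "C:\\Users\\bob",
}


def binary_sid_to_string(blob: bytes) -> str:
    """Convert a binary SID to its S-R-A-S1-S2-... textual form."""
    if len(blob) < 8:
        raise ValueError("SID blob too short")
    revision, sub_count = blob[0], blob[1]
    if len(blob) != 8 + 4 * sub_count:
        raise ValueError("SID blob length does not match sub-authority count")
    authority = int.from_bytes(blob[2:8], "big")          # 48-bit, big-endian
    subs = struct.unpack_from("<%dI" % sub_count, blob, 8)  # 32-bit, little-endian
    return "S-%d-%d" % (revision, authority) + "".join("-%d" % s for s in subs)


def string_sid_to_binary(sid: str) -> bytes:
    """Inverse of binary_sid_to_string; used here to build constructed test input."""
    parts = sid.split("-")
    if len(parts) < 3 or parts[0] != "S":
        raise ValueError("not a SID string")
    revision, authority = int(parts[1]), int(parts[2])
    subs = [int(p) for p in parts[3:]]
    return (bytes([revision, len(subs)])
            + authority.to_bytes(6, "big")
            + struct.pack("<%dI" % len(subs), *subs))


def resolve_sid(sid: str, profile_list: dict) -> str:
    """Resolve a SID using only local data; never consults the network."""
    if sid in WELL_KNOWN_SIDS:
        return WELL_KNOWN_SIDS[sid]
    path = profile_list.get(sid)
    if path:
        # ProfileImagePath is e.g. C:\Users\alice; its last component is the account name.
        return path.replace("/", "\\").rstrip("\\").rsplit("\\", 1)[-1]
    return sid  # unresolved: keep the raw SID in the output


def resolve_rows(blobs, profile_list: dict):
    """Map a list of binary SIDs (as a SRUM id table would hold them) to (sid, name)."""
    out = []
    for blob in blobs:
        sid = binary_sid_to_string(blob)
        out.append((sid, resolve_sid(sid, profile_list)))
    return out


if __name__ == "__main__":
    # Constructed sample rows: one local user, one well-known SID, one unknown SID.
    rows = [
        string_sid_to_binary("S-1-5-21-1111111111-2222222222-3333333333-1001"),
        string_sid_to_binary("S-1-5-18"),
        string_sid_to_binary("S-1-5-21-4444444444-5555555555-6666666666-500"),
    ]
    for sid, name in resolve_rows(rows, SAMPLE_PROFILE_LIST):
        print("%-55s %s" % (sid, name))
```

The unknown-SID case is the important one for the concern raised in the issue: a lookup that misses both tables falls through to the raw SID instead of an LSA or WMI call, so processing a hive from another host never generates traffic toward the PDC emulator.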