
Creating Registry keys SID REG_BINARY


I am creating a new local account via PowerShell and creating their profile in

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\

too.

I can grab the SID for the user via: ([System.Security.Principal.WindowsIdentity]::GetCurrent()).User.Value

However, within the SID key of a user, there is a value called SID, of type REG_BINARY. How is this created? Can someone please help me?

The reason why I need this is I am migrating a domain account to a local user and keeping all settings, but because of this key it's not working.

This is what I have at the moment:

pic1

This is the key missing which I am not sure where it comes from:

pic2


Solution

  • You can convert a SID to its binary representation and write it to the registry like this:

    # Replace this with the actual target SID string
    $SIDString = 'S-1-5-21-1518175382-1413263562-1473642471-31061' 
    
    # Parse as a SecurityIdentifier object
    $SID = [System.Security.Principal.SecurityIdentifier]::new($SIDString)
    
    # Create a byte array to hold the binary representation
    $binarySID = [byte[]]::new($SID.BinaryLength)
    
    # Copy binary SID to byte array
    $SID.GetBinaryForm($binarySID, 0)
    
    # Write binary SID to registry
    $path = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\${SIDString}"
    New-ItemProperty -Path $path -Name SID -PropertyType Binary -Value $binarySID
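
A read-only check that complements the answer above (an added example, not part of the original answer): it walks ProfileList, rebuilds each stored binary SID into a string and compares it with the name of the subkey that holds it. The function name Test-ProfileListSid and the status labels are assumptions made for this example.

```powershell
# Added example (not from the original answer). Read-only: nothing is written.
function Test-ProfileListSid {
    param(
        [string]$Path = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'
    )

    foreach ($key in Get-ChildItem -Path $Path) {
        $name      = $key.PSChildName
        $storedSid = $null

        # The subkey name should itself parse as a SID string
        try {
            $expected = [System.Security.Principal.SecurityIdentifier]::new($name)
        } catch {
            [pscustomobject]@{ Key = $name; StoredSid = $null; Status = 'KeyNameNotASid' }
            continue
        }

        $raw = $key.GetValue('SID')   # registry value names are case-insensitive
        if ($null -eq $raw) {
            $status = 'SidValueMissing'
        } elseif ($key.GetValueKind('SID') -ne [Microsoft.Win32.RegistryValueKind]::Binary) {
            $status = 'SidValueNotBinary'
        } else {
            try {
                # Inverse of GetBinaryForm(): rebuild the SID from the stored bytes
                $stored    = [System.Security.Principal.SecurityIdentifier]::new([byte[]]$raw, 0)
                $storedSid = $stored.Value
                $status    = if ($storedSid -eq $expected.Value) { 'Match' } else { 'Mismatch' }
            } catch {
                $status = 'SidValueUnparseable'
            }
        }

        [pscustomobject]@{ Key = $name; StoredSid = $storedSid; Status = $status }
    }
}

# Show only the entries that need attention
Test-ProfileListSid | Where-Object Status -ne 'Match' | Format-Table -AutoSize
```

Running it before and after a profile migration shows whether the key that was created by hand carries a binary SID that agrees with its own name.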