I agree SidToName is limited because its scope is from the local computer. I have provided augmentation in my DLLs that can perform this type of lookup. I agree with Shawn that we should be ablw to provide an optional server parameter from which the lookup should occur.
Code:
; Method LsaLookupSids($Server, $sids)
; Returns an array of dictionary objects
; One or more text sids can be input into the method. Separate sids with 'white
; space'.
; ComputerName must be NT4 or higher.
$sids = "S-1-5-21-24129212-1035812195-1543859470-1416 S-1-5-21-24129212-1035812195-1543859470-500"
$Info = $Win32Admin.LsaLookupSids ("ambdc005", $sids)
if @error = 0
for each $item in $Info
$keys = $item.keys
? "keys: @error @serror"
for each $key in $keys
$Value = $item.get($key)
? $key + " = " + $Value
next
?
next
else
? "Error: @error @serror"
endif
