-1

The scope is running from the user's local computer. You can use this to get the active user's SID. Then you could use this with the HKU registry hive.

@ECHO OFF
SETLOCAL ENABLEDELAYEDEXPANSION
ECHO GET THE NAME OF THE ACTIVELY LOGGED ON USER
FOR /F "skip=1" %%G IN ('wmic computersystem get username') DO (
    SET aUSER=%%G
    GOTO EXITLOOP1
)
:EXITLOOP1
ECHO %aUSER%
ECHO[


REM ECHO TRIM THE USERNAME
SET tUSER=%aUSER:~4%
REM ECHO %tUSER%
ECHO[


ECHO GET SID FOR USER: %tUSER%
FOR /F "usebackq skip=1" %%a IN (`WMIC USERACCOUNT WHERE NAME^='%%tUSER%%' GET SID`) DO (
    SET SID=%%a
    GOTO EXITLOOP2
)
:EXITLOOP2
ECHO %SID%
mhickey
  • 1
  • 1
    Is there a question here? If you're trying to add this as a tutorial, please follow this site's format of a question in Question section of the page and the answer in the Answers section of the page. – SomethingDark Apr 05 '21 at 20:48
  • 1
    There are already plenty of questions and answers about the code you have provided. I see no point in having another one. – Squashman Apr 05 '21 at 21:08
  • I'm not sure why you'd want to use it in the `HKU`, _(HKEY_USERS)_, registry hive. As the user is the currently active account, their hive is already loaded and as such can be accessed using `HKCU`, _(HKEY_CURRENT_USER)_. Additionally, there's no reason to save the `SID` to a variable, as it will already be assigned to the metavariable `%%a`. – Compo Apr 05 '21 at 23:33
  • mhickey, I have noticed that you have returned as logged into this site but have not responded to either the comments above, or those who have provided official answers. Please see [What should I do when someone answers my question?](https://stackoverflow.com/help/someone-answers) to discover what options are open to you in this scenario, because a question without an accepted answer is not treated by this site as answered. – Compo Apr 18 '21 at 23:05

3 Answers3

0

As you've raised a question, and in it decided to post some code, I'll offer a quicker and more simple alternative, regardless of whether you decide to post yours as a solution:

From :

For /F Tokens^=3^ Delims^=^" %G In ('%SystemRoot%\System32\whoami.exe /User /Fo CSV /NH') Do @Echo %G

From a :

@For /F Tokens^=3^ Delims^=^" %%G In ('%SystemRoot%\System32\whoami.exe /User /Fo CSV /NH') Do @Echo %%G
Compo
  • 30,301
  • 4
  • 20
  • 32
0

BTW, if you wanted to do it without a For loop, you could ask to assist:

%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -Command "(%SystemRoot%\System32\whoami.exe /User /Fo CSV | ConvertFrom-Csv).SID"

Or even without whoami.exe:

%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -Command "Add-Type -AssemblyName System.DirectoryServices.AccountManagement;$([System.DirectoryServices.AccountManagement.UserPrincipal]::Current).SID.Value"
Compo
  • 30,301
  • 4
  • 20
  • 32
0

In a cmd.exe console the following command can be used.

powershell -NoLogo -NoProfile -Command ^
    "Add-Type -AssemblyName System.DirectoryServices.AccountManagement;" ^
    "([System.DirectoryServices.AccountManagement.UserPrincipal]::Current).Sid.AccountDomainSid.Value"

To get the result into a variable, use a FOR loop. (Yeah, I know, it's crazy, right?)

FOR /F "delims=" %%A IN ('powershell -NoLogo -NoProfile -Command ^
    "Add-Type -AssemblyName System.DirectoryServices.AccountManagement;" ^
    "([System.DirectoryServices.AccountManagement.UserPrincipal]::Current).Sid.AccountDomainSid.Value"') DO (
    SET "USER_SID=%%~A"
 )
 ECHO USER_SID is set to %USER_SID%

There are many other things that can be accessed in this way.

powershell -NoLogo -NoProfile -Command ^
    "Add-Type -AssemblyName System.DirectoryServices.AccountManagement;" ^
    "[System.DirectoryServices.AccountManagement.UserPrincipal]::Current |" ^
    "Format-List * -Force"
lit
  • 10,936
  • 7
  • 49
  • 80