This script uses PowerShell to search your domain for users and groups that have a SID history, and writes each SID history value, the current SID and the account name to c:\UserSid.csv.
You can search the current domain, or point the search at a specific domain by uncommenting the SearchRoot override line in the script.
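# Report every user or group in the domain that carries sidHistory values.
# Writes one row per sidHistory entry to c:\UserSid.csv with the columns
#   OldSID     - the sidHistory value
#   CurrentSid - the object's objectSid
#   OldName    - the object's "name" attribute
#   NewName    - the NT account the current SID resolves to, or "Not Found"
#
# Review note: SIDs held in sidHistory are honoured when access is evaluated,
# so every row is an additional identity the account can act as. Entries left
# over from a completed migration, and entries whose OldSID sits in the same
# domain as CurrentSid or maps to a privileged group, deserve a closer look
# (SID-History injection, MITRE ATT&CK T1134.005).

cls

# NOTE(review): the filter only matches the user and group object categories;
# other security principals (for example computer accounts) that carry
# sidHistory would not be listed - confirm that this scope is intended.
$strFilter = "(&(|(objectCategory=User)(objectCategory=Group))(sidHistory=*))"
$outFile = "c:\UserSid.csv"

# Quote a field only when it contains a comma, quote or line break, so that
# directory names such as "Smith, John" cannot shift the columns of a row.
# Values without those characters are written exactly as before.
function ConvertTo-CsvField($value) {
    $text = [string]$value
    if ($text -match '[",\r\n]') {
        return '"' + $text.Replace('"', '""') + '"'
    }
    return $text
}

$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
#$objSearcher.SearchRoot = "LDAP://dc=domainname, dc=com" #or manually override domain here
$objSearcher.PageSize = 100
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"

# Header row; this also truncates any report left by an earlier run.
"OldSID,CurrentSid,OldName,NewName" | Out-File $outFile

$colProplist = "name", "objectsid", "sidhistory"
foreach ($i in $colProplist) { $objSearcher.PropertiesToLoad.Add($i) | Out-Null }

$colResults = $objSearcher.FindAll()
try {
    foreach ($objResult in $colResults) {
        $UserSid = New-Object System.Security.Principal.SecurityIdentifier($objResult.Properties.objectsid[0], 0)
        $objName = [string]$objResult.Properties.name

        # Resolve the current SID once per object. Translate() throws when the
        # SID cannot be mapped; resetting $user first ensures a failed lookup
        # is reported as "Not Found" instead of reusing the previous object's
        # account name.
        $user = $null
        try {
            $user = $UserSid.Translate([System.Security.Principal.NTAccount])
        } catch {
            Write-Warning ("Could not resolve " + $UserSid.Value + ": " + $_.Exception.Message)
        }
        if ($user) { $newName = $user.Value } else { $newName = "Not Found" }

        # One output row per sidHistory value held by the object.
        foreach ($sidhistory in $objResult.Properties.sidhistory) {
            $OldUserSid = New-Object System.Security.Principal.SecurityIdentifier($sidhistory, 0)
            $outstring = $OldUserSid.Value + "," + $UserSid.Value + "," + (ConvertTo-CsvField $objName) + "," + (ConvertTo-CsvField $newName)
            $outstring | Out-File -Append $outFile
        }
    }
} finally {
    # SearchResultCollection holds unmanaged resources until it is disposed.
    $colResults.Dispose()
}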