I am trying to replicate a combination of WMI and ADSI, to use just WMI. This is a quick fix whilst we put a case forward for winRM as a replacement. This is something that is new to me, so please excuse my ignorance on this.
I am trying to get the local groups and group members, i have used the following to get what i need.
Get-WmiObject -ClassName Win32_Group –ComputerName $computername
Get-WmiObject -ClassName win32_groupuser –ComputerName $computername
This gives me what i need, however i can't get the SID from a service which is running.
I have a document which was done before me, which shows a SID for them, starting with S-1-5-80-, from MS documents, i can see this is relating to "A group that includes all service processes configured on the system. The operating system controls the membership of this group."
I can see the process in
Get-WmiObject -ClassName Win32_Service –ComputerName $computername
However, i cant seem to get the SID. I have tried getting the process ID and GetOwnerSID, but this doesn't match the SID i have in the extract i am trying to replicate.
I have seen some information around using `System.Security.Principal.SecurityIdentifier`, but not sure what to do.
Thanks
Nathan
