I was able to get the username by sid successfully with this thanks to another fixlet I found:
q: sid of (local users; local groups) whose ((exist matches (regex "^S-1-5-[0-9-]+500$") of component string of sid of it))
A: computer1\localadministrator
T: 14.098 ms
However my original plan is awful long running and doesn’t work.
Creation of service:
C:>sc create WorstIdeaEver binPath= “c:\badidea.exe” obj= “.\localadministrator” password= password
[SC] CreateService SUCCESS
Check for service based on SID, expecting what I created a moment ago.
q: display names of services whose (login account of it as lowercase = (sid of (local users; local groups) whose ((exist matches (regex "^S-1-5-[0-9-]+500$") of component string of sid of it))) as string)
T: 2756.680 ms
Delete service and recreate it with computername\adminname just to see what happens.
C:>sc delete WorstIdeaEver
[SC] DeleteService SUCCESS
C:>sc create WorstIdeaEver binPath= “c:\badidea.exe” obj= “computer1\localadministrator” password= password
[SC] CreateService SUCCESS
Check for service with “computername\adminname” name format.
q: display names of services whose (login account of it as lowercase = "computer1\localadministrator")
T: 55.436 ms
Possibly indicating that the .\ is the name format needed for the local domain of the computer.
q: display names of services whose (login account of it as lowercase = ".\localadministrator")
A: WorstIdeaEver
T: 70.122 ms
Checking with “computername\adminname” even though I’m pretty sure it wont work.
q: display names of services whose (login account of it as lowercase = (sid of (local users; local groups) whose ((exist matches (regex "^S-1-5-[0-9-]+500$") of component string of sid of it))) as string)
T: 2684.986 ms
I’m making progress this, not sure if I’ll come to a resolution on my own as I don’t think I am entirely familiar with string functions and modifiers in relevance at this time.
Luke