ensure user sid to user powershell csom

Regular Contributor


I have written the following script which collate all the sites in a list along with some of the properties as field column values in a list. However, when the execution hits 

$objSID = New-Object System.Security.Principal.SecurityIdentifier($SID) it gives an issue saying

 Exception calling ".ctor" with "1" argument(s): "Value was invalid.



$SiteURL = "https://<site url>"
$ListName = "<list Name>"

Try {
$Cred= Get-Credential
$Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.Username, $Cred.Password)

#Setup the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Ctx.Credentials = $Credentials
#Get the List
$List = $Ctx.Web.Lists.GetByTitle($ListName)

Get-SPOSite -Limit ALL| % { Get-SPOSite -Detailed -Identity $_.URL | %{

$ListItemInfo = New-Object Microsoft.SharePoint.Client.ListItemCreationInformation
$ListItem = $List.AddItem($ListItemInfo)

$ListItem["Title"] = $_.Title
$ListItem["DisableSharingForNonOwnersStatus"] = $_.DisableSharingForNonOwnersStatus
$ListItem["LastContentModifiedDate"] = $_.LastContentModifiedDate
$ListItem["Status"] = $_.Status
#$ListItem["Owner"] = $_.Owner

$SID =$_.Owner
$objSID = New-Object System.Security.Principal.SecurityIdentifier($SID)
$objUser = $objSID.Translate([System.Security.Principal.NTAccount])
Write-Host "Resolved user name: " $objUser.Value

$ListItem["Owner"] =$Ctx.Web.EnsureUser($objUser.Value);

$ListItem["SharingCapability"] = $_.SharingCapability
$ListItem["ConditionalAccessPolicy"] = $_.ConditionalAccessPolicy
$ListItem["Url"] = $_.Url
Write-host "New Item $_.Title Added to the List!" -ForegroundColor Green

Catch {
write-host -f Red "Error Adding Items to List!" $_.Exception.Message

3 Replies

I'm not a Developer but this might help



In reading up it's not asking for the SID in string but in SDDL format 



Let me know if this helps


I'm not a Developer but here's the reference to the object you're trying to work with



A quick glance looks like it wants the SID in SDDL format.   Take a look at the value of the SID returned from the earlier object and see if it matches this format described here



Have you verified that this pipeline is returning the objects you expect:


Get-SPOSite -Limit ALL| % { Get-SPOSite -Detailed -Identity $_.URL}