A lightweight Python utility for converting between binary (hex/varbinary) and string Security Identifiers (SIDs) used in Active Directory.
v2.0.0
Major update introducing bidirectional SID conversion.
- Convert binary SID (hex) → string SID (
S-1-...) - Convert string SID → binary (hex)
- Explicit conversion modes (
--to-string,--to-binary) - Strict structural validation (spec-compliant)
- Graceful error handling
- No external dependencies (standard library only)
- Python 3.6+
- No external packages required
See requirements.txt for details.
Clone the repository:
git clone https://github.com/<your-username>/sid-kit.git
cd sid-kit
Usage
Binary → String
python sidkit.py --to-string <hex_binary_sid>
Example:
python sidkit.py --to-string 0x0105000000000005150000008b2a9c4e3f6d5a1c2b000000
Output:
S-1-5-21-1325406859-475643711-43
String → Binary
python sidkit.py --to-binary <string_sid>
Example:
python sidkit.py --to-binary S-1-5-21-1325406859-475643711-43
Output:
0105000000000005150000008b2a9c4e3f6d5a1c2b000000
Validation & Safety
sid-kit enforces SID structural constraints:
Revision must fit in 1 byte (0–255)
Identifier Authority must fit in 6 bytes
Sub-authority count must fit in 1 byte (max 255)
Each sub-authority must fit in 4 bytes
Rejects malformed or incomplete SID formats
Detects invalid hex input
This ensures conversions are spec-compliant and safe.
SID Structure Overview
A binary SID consists of:
1 byte – Revision
1 byte – Sub-authority count
6 bytes – Identifier Authority (big-endian)
4 bytes each – Sub-authorities (little-endian)
Total length:
8 + (4 × number_of_subauthorities) bytes
License
MIT License
See LICENSE for details.