请教，改个批处理语句，不用wmic，怎么改？

zhoubin · 发表于 3 小时前

请教各位坛友：
不用wmic，批处理for /f "delims=" %%a in ('wmic userAccount where "Name='%userName%'" get SID /value') do call set "%%a"这句怎么改？

充分考虑PE下，和正常系统的情况，谢谢各位了！！

a66 · 发表于 3 小时前

@echo off
setlocal enabledelayedexpansion
set "SID="
for /f "delims=" %%s in ('reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" /k 2^>nul') do (
for /f "delims=" %%u in ('reg query "%%s\ProfileImagePath" /ve 2^>nul') do (
for %%n in (%%u) do (
if /i "%%~nn"=="%username%" (
set "SID=%%~nxs"
goto :endgetsid
)
)
)
)
:endgetsid
:: 此时 %SID% 就是你原来wmic获取的值
echo SID=%SID%

复制代码

a66 · 发表于 2 小时前

set "SID="
for /f "delims=" %%k in ('reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" /k 2^>nul ^| findstr /r "^HKEY.*S-1-5-"') do (
reg query "%%k" /v ProfileImagePath 2>nul | find /i "%username%" >nul && set "SID=%%~nxk"
)

复制代码

zhoubin · 发表于 2 小时前

谢谢，顺便请教一下，PE下是不是没有%SID%，或者说PE下的%SID%无意义。

zhoubin · 发表于 2 小时前

win11下，测试，无效

ebaqiang · 发表于 2 小时前

这还真不懂，哪位大佬来讲讲

窄口牛 · 发表于 2 小时前

本帖最后由窄口牛于 2026-4-27 18:58 编辑

whoami试试。

@echo off
Setlocal enabledelayedexpansion
reg query HKU\S-1-5-20>nul || (
echo;CreateObject^("Shell.Application"^).ShellExecute "%~f0", "", "", "runas", 1 > "%temp%\getadmin.vbs" && cscript //b "%temp%\getadmin.vbs" && exit /b & del "%temp%\getadmin.vbs" /f /q>nul 2>nul)
pushd "%CD%" && CD /D "%~dp0"
for /f "tokens=2" %%i in ('whoami /user ^|find "S-1-5"') do (
set sid=%%i
)
for /f "tokens=2 delims=\" %%i in ('whoami') do (
set user=%%i
)
echo 当前sid是：%sid%
echo 当前用户为：%user%
pause>nul

怪怪怪怪i · 发表于 1 小时前

PE下获取SID没任何意义，如果有也都是S-1-5-18

yyz219195888 · 发表于 1 小时前

3# 助人为乐

zhoubin · 发表于半小时前

谢谢楼上各位，谢谢

holley2008 · 发表于 25 分钟前

@echo off
setlocal EnableDelayedExpansion
set "SID="
set "userName="
set "FullUser="
set "WinDrive="
if /i "%SystemRoot%"=="X:\Windows" (
echo 当前环境：PE
call :FindOfflineWindows WinDrive
if not defined WinDrive (
echo 未找到离线 Windows 系统盘。
goto :end
)
echo 找到离线系统：!WinDrive!\Windows
for /f "delims=" %%U in ('dir /b /ad "!WinDrive!\Users" 2^>nul') do (
if /i not "%%U"=="Default" if /i not "%%U"=="Default User" if /i not "%%U"=="Public" if /i not "%%U"=="All Users" (
if not defined userName set "userName=%%U"
)
)
if not defined userName (
echo 未找到离线系统用户目录。
goto :end
)
reg unload HKLM\OfflineSOFTWARE >nul 2>nul
reg load HKLM\OfflineSOFTWARE "!WinDrive!\Windows\System32\Config\SOFTWARE" >nul 2>nul
if errorlevel 1 (
echo 加载离线 SOFTWARE 失败。
goto :end
)
call :GetSidFromProfileList "HKLM\OfflineSOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" "!userName!" SID
reg unload HKLM\OfflineSOFTWARE >nul 2>nul
) else (
echo 当前环境：正常系统
for /f "tokens=1,2 delims=," %%A in ('whoami /user /fo csv /nh') do (
set "FullUser=%%~A"
set "SID=%%~B"
)
for /f "tokens=2 delims=\" %%A in ("!FullUser!") do (
set "userName=%%A"
)
if not defined userName set "userName=!FullUser!"
)
echo.
echo userName=!userName!
echo SID=!SID!
:end
pause>nul
endlocal
goto :eof
:FindOfflineWindows
setlocal EnableDelayedExpansion
set "FoundDrive="
for %%D in (C D E F G H I J K L M N O P Q R S T U V W Y Z) do (
if exist "%%D:\Windows\System32\Config\SOFTWARE" (
if /i not "%%D:"=="X:" (
set "FoundDrive=%%D:"
goto :found
)
)
)
:found
endlocal & set "%~1=%FoundDrive%"
goto :eof
:GetSidFromProfileList
setlocal EnableDelayedExpansion
set "RootKey=%~1"
set "TargetUser=%~2"
set "RetSid="
for /f "delims=" %%K in ('reg query "%RootKey%" 2^>nul') do (
set "RegKey=%%K"
for %%S in ("!RegKey!") do set "ThisSid=%%~nxS"
echo !ThisSid! | findstr /b /i "S-1-5-21-" >nul
if not errorlevel 1 (
set "ProfilePath="
for /f "tokens=1,2,*" %%A in ('reg query "%%K" /v ProfileImagePath 2^>nul ^| findstr /i "ProfileImagePath"') do (
set "ProfilePath=%%C"
)
if defined ProfilePath (
for %%U in ("!ProfilePath!") do set "ProfileUser=%%~nxU"
if /i "!ProfileUser!"=="!TargetUser!" (
set "RetSid=!ThisSid!"
)
)
)
)
endlocal & set "%~3=%RetSid%"
goto :eof

复制代码

		自动登录	找回密码
密码			注册