secons -checkSID Function Resolve Recycled Accounts on Windows

Valid on Windows
capamsc141
Valid on Windows
The secons utility compares the security identifier (SID) of each enterprise account (XUSER and XGROUP resource) with the native Windows account SID, and creates a backup of recycled accounts. As the 
Privileged Access Manager
authorization is based on SID, where the SID of a 
Privileged Access Manager
accessor resource differs from the native account SID (a recycled account), the utility creates a new account (with the same name as the old account) and backs up the obsolete recourse using the following naming convention:
SID
(
accountName
)
For more information on recycled enterprise store accounts, see the
Endpoint Administration Guide for Windows
.
This command has the following format:
secons -checkSID {-groups | -users} [accountName [,accountName...]]
  • -groups
    Specifies that secons should examine enterprise group records.
  • -users
    Specifies that secons should examine enterprise user records.
  • accountName
    Specifies the name of a user or group that secons should search for. If
    accountName
    is omitted, secons looks for all groups or users.