Private/Test-NameIsWellKnownSid.ps1
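Function Test-NameIsWellKnownSid {
    <#
        .SYNOPSIS
            Resolves a name to its well-known SID, if it has one.

        .DESCRIPTION
            Lower-cases the supplied name, strips a leading BUILTIN / NT AUTHORITY /
            NT SERVICE style prefix, and looks the remainder up among the values of
            $Variables.WellKnownSIDs (keys are SID strings, values are names).
            On exactly one match the SID is parsed into a
            [System.Security.Principal.SecurityIdentifier] to validate it, and its
            string value is written to the pipeline. Otherwise $null is written.

        .PARAMETER Name
            The name to check against the well-known SIDs. Accepts pipeline input.

        .EXAMPLE
            PS> Test-NameIsWellKnownSid -Name 'NT AUTHORITY\SYSTEM'

        .EXAMPLE
            PS> 'BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM' | Test-NameIsWellKnownSid

        .INPUTS
            [String] Name

        .OUTPUTS
            [String] The SID in string form, or $null when the name is not resolved.

        .NOTES
            The prefix is discarded, not validated: any of the listed prefixes in front
            of any listed name resolves to that name's SID. A name qualified with some
            other domain or computer prefix is left intact and only matches if the table
            holds it in that form. Callers should treat $null as "not resolved" and not
            fall back to another identity.
    #>

    [CmdletBinding(SupportsShouldProcess = $false, ConfirmImpact = 'low')]
    # The function emits SecurityIdentifier.Value (a string), so the declared type says so.
    [OutputType([System.String])]

    Param (
        [Parameter(Mandatory = $true,
            ValueFromPipeline = $true,
            ValueFromPipelineByPropertyName = $true,
            HelpMessage = 'Specify the name to check against Well-Known SIDs.',
            Position = 0)]
        [ValidateNotNullOrEmpty()]
        [string]
        $Name
    )

    Begin {

        $txt = ($Variables.HeaderDelegation -f
            (Get-Date).ToShortDateString(),
            $MyInvocation.Mycommand,
            (Get-FunctionDisplay -HashTable $PsBoundParameters -Verbose:$False)
        )
        Write-Verbose -Message $txt

        # Nothing name-dependent happens here: with pipeline input $Name is not bound
        # until Process runs, so normalising it in Begin would act on $null.

    } #end Begin

    Process {

        # Reset per pipeline item so a previous match can never leak into this one.
        $Identity = $null

        # Invariant casing keeps the result independent of the session culture
        # (culture-sensitive ToLower() can change letters such as 'I').
        $cleanedName = $Name.ToLowerInvariant() -replace '^(built-in\\|builtin\\|built in\\|nt authority\\|ntauthority\\|ntservice\\|nt service\\)', ''

        Try {

            # Compare every table value with -eq instead of calling Contains() on the
            # Values collection: what that method does (or whether it exists) depends on
            # the dictionary type behind $Variables.WellKnownSIDs, which is not visible here.
            $matchedSid = @($Variables.WellKnownSIDs.Keys.Where({ $Variables.WellKnownSIDs[$_] -eq $cleanedName }))

            if ($matchedSid.Count -eq 1) {

                # Parsing the key validates that it is a well-formed SID string.
                $Identity = [System.Security.Principal.SecurityIdentifier]::new([string]$matchedSid[0])

                Write-Verbose -Message ('    Matched SID: {0} For: {1}' -f $Identity.Value, $cleanedName)

            } elseif ($matchedSid.Count -gt 1) {

                # Fail closed: an ambiguous name must not be resolved to an arbitrary SID.
                Write-Error -Message ('The name {0} maps to more than one well-known SID ({1}).' -f $cleanedName, ($matchedSid -join ', '))

            } else {

                Write-Verbose -Message ('    The name {0} does not correspond to a well-known SID or is not recognized.' -f $cleanedName)

            } #end If-ElseIf-Else

        } catch {

            Write-Error -Message ('Error found when translating WellKnownSid for {0}.' -f $cleanedName)
            $Identity = $null
            #Get-ErrorDetail -ErrorRecord $_

        } #end Try-Catch

        # Emit one result per input item; the explicit null check keeps this safe under strict mode.
        if ($null -ne $Identity) {
            $Identity.Value
        } else {
            $null
        }

    } #end Process

    End {

        $txt = ($Variables.FooterDelegation -f $MyInvocation.InvocationName,
            'testing Well-Known SID (Private Function).'
        )
        Write-Verbose -Message $txt

    } #end End
}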