{% hint style="warning" %}
To use this command, sid::patch must be executed first.
{% endhint %}
sid::modify can be used to modify an object's SID. The command must be executed directly on a domain controller. It has the following command line argument:
/sam: thesAMAccountName./new: the new SID value. It also accepts format such asBuiltin\administrators.
mimikatz # sid::modify /sam:username /new:S-1-5-21-...
