A SQL Server issue is that when domain names are changed in Active Directory (AD), the name isn’t changed in SQL. Most work is based on SIDs, so it doesn’t cause a problem. But when investigating security problems it's helpful to know what the account/group in SQL is named in AD.
You can get a SID for an account in SQL using the SUSER_SID() function:
SUSER_SID('winona\Account_Name', 0)
But it is formatted differently that it is in AD. Here is some code (just found by Googling) that will translate the format:
declare @sid varbinary(85) = SUSER_SID('winona\Account_Name', 0)
;with cte_Nums as (
select top 256 cast(n-1 as tinyint) Number
from OpData.dbo.Numbers
order by n
)
SELECT ADsid = STUFF((SELECT '-' + part FROM
(
SELECT
Number = -1,
part = 'S-'
+ CONVERT(VARCHAR(30),CONVERT(TINYINT,CONVERT(VARBINARY(30),LEFT(@sid,1))))
+ '-'
+ CONVERT(VARCHAR(30),CONVERT(INT,CONVERT(VARBINARY(30),SUBSTRING(@sid,3,6))))
UNION ALL
SELECT TOP ((LEN(@sid)-5)/4)
Number,
part = CONVERT(VARCHAR(30), CONVERT(BIGINT,CONVERT(VARBINARY(30), REVERSE(CONVERT(VARBINARY(30),SUBSTRING(@sid,9+Number*4,4))))))
FROM cte_Nums
ORDER BY Number
) AS x ORDER BY Number
FOR XML PATH(''), TYPE).value(N'.[1]','nvarchar(max)'),1,1,'')
The output from that can be used to search AD, for instance using PowerShell:
Get-ADGroup -Filter {SID -eq 'S-1-5-21-2103014626-253708085-441284377-200890'}