diff --git a/plugins/module_utils/ansible_freeipa_module.py b/plugins/module_utils/ansible_freeipa_module.py
index 3386cb8c10e64cd95a00d3bbe83530380481d083..2f861efa6b0578eb4724551b5af253fc86047897 100644
--- a/plugins/module_utils/ansible_freeipa_module.py
+++ b/plugins/module_utils/ansible_freeipa_module.py
@@ -589,6 +589,20 @@ def ensure_fqdn(name, domain):
     return name
 
 
+def convert_to_sid(items):
+    """Convert all items to SID, if possible."""
+    def get_sid(data):
+        try:
+            return get_trusted_domain_object_sid(data)
+        except ipalib_errors.NotFound:
+            return data
+    if items is None:
+        return None
+    if not isinstance(items, (list, tuple)):
+        items = [items]
+    return [get_sid(item) for item in items]
+
+
 def api_get_realm():
     return api.env.realm
 
@@ -903,6 +917,13 @@ def get_trusted_domain_sid_from_name(dom_name):
     return unicode(sid) if sid is not None else None
 
 
+def get_trusted_domain_object_sid(object_name):
+    """Given an object name, returns de object SID."""
+    domain_validator = __get_domain_validator()
+    sid = domain_validator.get_trusted_domain_object_sid(object_name)
+    return unicode(sid) if sid is not None else None
+
+
 class IPAParamMapping(Mapping):
     """
     Provides IPA API mapping to playbook parameters or computed values.