A security identifier (SID) is a unique value of variable length that is used to identify a security principal or security group in Windows operating systems. Well-known SIDs are a group of SIDs that identify generic users or generic groups. Their values remain constant across all operating systems.
eg:
Security Identifier Structure
SID Field: Description
Revision: Revision level.
SubAuthorityCount: SubAuthority count.
IdentifierAuthority: IdentifierAuthority is 48-bit number that is usually presented as 3 numbers (16 bits each) IdentifierAuthority[0], IdentifierAuthority[2] and IdentifierAuthority[3]
SubAuthority: A variable number of SubAuthority or Relative Identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID
SID: S-1-5-domain-513
Name: Domain Users
Description: A global group that, by default, includes all user accounts in a domain. When you create a user account in a domain, it is added to this group by default.
SID: S-1-5-domain-514
Name: Domain Guests
Description: A global group that, by default, has only one member, the domain's built-in Guest account.
In this example, the SID has the following components:
A revision level of "1".
An identifier-authority value of "5" (SECURITY_NT_AUTHORITY).
A first subauthority value of "32" (SECURITY_BUILTIN_DOMAIN_RID).
A second subauthority value of "544" (DOMAIN_ALIAS_RID_ADMINS).
No comments:
Post a Comment