Concept - SID

Previous Next


There are several SIDs reserved for NT.

    link back to sec page
    S for security id
    1 Revision level
    5 Identifier Authority (48 bit) 5 = logon id
    21 Sub-authority (21 = nt non unique)
    646518322        SA
    1873620750        SA domain id
    619646970        SA
    1110        user id
S-1-5-32-544 Local admin.
S-1-1-0 World (everybody)
S-1-5-21 NT non-unique ids

Identifier Authorities

Identifier Authority Abbr.
Null SID S-1-0
World SID S-1-1
Local SID S-1-2
Creator SID S-1-3
Non-unique S-1-4
NT SID S-1-5

Relative Identifiers (RIDs)

    These relative identifiers (RIDs) are used with the above identifier
    authorities to make up universal well-known SIDs.

    Note: The relative identifier (RID) refers to the portion of a SID, which
    identifies a user or group in relation to the authority that issued the SID.
    For example, the universal well-known SID Creator Owner ID (S-1-3-0) is
    made up of the identifier authority SECURITY_CREATOR_SID_AUTHORITY (3) and
    the relative identifier SECURITY_CREATOR_OWNER_RID (0).

Relative Identifiers

Relative Identifier Code SID
Null 0 S-1-0-0
World 0 S-1-1-0
Local 0 S-1-2-0
Creator Owner 0 S-1-3-0
Creator Group 1 S-1-3-1
Creator Owner Server 2 S-1-3-2
Creator Group Server 3 S-1-3-3
Dialup 1 S-1-5-1
Network 2 S-1-5-2
Batch 3 S-1-5-3
Interactive 4 S-1-5-4
Logon Ids 5 S-1-5-5-X-Y
Service 6 S-1-5-6
Anonymous Logon 7 S-1-5-7
Proxy 8 S-1-5-8
Enterprise Controllers 9 S-1-5-9
Server Logon 9 S-1-5-9
Principal Self 10 S-1-5-10
Authenticated User 11 S-1-5-11
Restricted Code 12 S-1-5-12
Terminal Server 13 S-1-5-13
Local System 18 S-1-5-18
NT Non-unique 21 S-1-5-21
Builtin Domain 32 S-1-5-32

Well-known domain relative sub-authority values (RIDs).

Domain Users

Domain User Code
Admin 500
Guest 501
Kerberos Target 502

Domain Groups

Domain Group Code
Admins 512
Users 513
Guests 514
Computers 515
Controllers 516
Cert Admins 517
Schema Admins 518
Enterprise Admins 519
Policy Admins 520

Domain Aliases

Domain Alias Code
Admins 544
Users 545
Guests 546
Power Users 547
Account Ops 548
System Ops 549
Print Ops 550
Backup Ops 551
Replicator 552
RAS Servers 553
Pre W2K Comp Access 554

Universal well-known SIDs

SID Abbr.
Null S-1-0-0
World S-1-1-0
Local S-1-2-0
Creator Owner S-1-3-0
Creator Group S-1-3-1
Creator Owner Server S-1-3-2
Creator Group Server S-1-3-3
Non-unique IDs S-1-4

NT well-known SIDs

SID Abbr.
NT Authority S-1-5
Dialup S-1-5-1
Network S-1-5-2
Batch S-1-5-3
Interactive S-1-5-4
Service S-1-5-6
Anonymous Logon (Null Logon) S-1-5-7
Proxy S-1-5-8
Server Logon (Domain Controller) S-1-5-9
Self S-1-5-10
Authenticated User S-1-5-11
Restricted Code S-1-5-12
Terminal Server S-1-5-13
Logon IDs S-1-5-5-X-Y
NT Non-unique IDs S-1-5-21-...
Built-in Domain S-1-5-32

Copyright ©