Glossary |
There are several SIDs reserved for NT.
link back to sec pagesec
S-1-5-21-646518322-1873620750-619646970-1110 S for security id 1 Revision level 5 Identifier Authority (48 bit) 5 = logon id 21 Sub-authority (21 = nt non unique) 646518322 SA 1873620750 SA domain id 619646970 SA 1110 user id
S-1-5-32-544 | Local admin. |
S-1-1-0 | World (everybody) |
S-1-5-21 | NT non-unique ids |
Identifier Authorities
Identifier Authority | Abbr. |
---|---|
Null SID | S-1-0 |
World SID | S-1-1 |
Local SID | S-1-2 |
Creator SID | S-1-3 |
Non-unique | S-1-4 |
NT SID | S-1-5 |
Relative Identifiers (RIDs)
These relative identifiers (RIDs) are used with the above identifier authorities to make up universal well-known SIDs. Note: The relative identifier (RID) refers to the portion of a SID, which identifies a user or group in relation to the authority that issued the SID. For example, the universal well-known SID Creator Owner ID (S-1-3-0) is made up of the identifier authority SECURITY_CREATOR_SID_AUTHORITY (3) and the relative identifier SECURITY_CREATOR_OWNER_RID (0).
Relative Identifiers
Relative Identifier | Code | SID |
---|---|---|
Null | 0 | S-1-0-0 |
World | 0 | S-1-1-0 |
Local | 0 | S-1-2-0 |
Creator Owner | 0 | S-1-3-0 |
Creator Group | 1 | S-1-3-1 |
Creator Owner Server | 2 | S-1-3-2 |
Creator Group Server | 3 | S-1-3-3 |
Dialup | 1 | S-1-5-1 |
Network | 2 | S-1-5-2 |
Batch | 3 | S-1-5-3 |
Interactive | 4 | S-1-5-4 |
Logon Ids | 5 | S-1-5-5-X-Y |
Service | 6 | S-1-5-6 |
Anonymous Logon | 7 | S-1-5-7 |
Proxy | 8 | S-1-5-8 |
Enterprise Controllers | 9 | S-1-5-9 |
Server Logon | 9 | S-1-5-9 |
Principal Self | 10 | S-1-5-10 |
Authenticated User | 11 | S-1-5-11 |
Restricted Code | 12 | S-1-5-12 |
Terminal Server | 13 | S-1-5-13 |
Local System | 18 | S-1-5-18 |
NT Non-unique | 21 | S-1-5-21 |
Builtin Domain | 32 | S-1-5-32 |
Well-known domain relative sub-authority values (RIDs).
Domain Users
Domain User | Code |
---|---|
Admin | 500 |
Guest | 501 |
Kerberos Target | 502 |
Domain Groups
Domain Group | Code |
---|---|
Admins | 512 |
Users | 513 |
Guests | 514 |
Computers | 515 |
Controllers | 516 |
Cert Admins | 517 |
Schema Admins | 518 |
Enterprise Admins | 519 |
Policy Admins | 520 |
Domain Aliases
Domain Alias | Code |
---|---|
Admins | 544 |
Users | 545 |
Guests | 546 |
Power Users | 547 |
Account Ops | 548 |
System Ops | 549 |
Print Ops | 550 |
Backup Ops | 551 |
Replicator | 552 |
RAS Servers | 553 |
Pre W2K Comp Access | 554 |
Universal well-known SIDs
SID | Abbr. |
---|---|
Null | S-1-0-0 |
World | S-1-1-0 |
Local | S-1-2-0 |
Creator Owner | S-1-3-0 |
Creator Group | S-1-3-1 |
Creator Owner Server | S-1-3-2 |
Creator Group Server | S-1-3-3 |
Non-unique IDs | S-1-4 |
NT well-known SIDs
SID | Abbr. |
---|---|
NT Authority | S-1-5 |
Dialup | S-1-5-1 |
Network | S-1-5-2 |
Batch | S-1-5-3 |
Interactive | S-1-5-4 |
Service | S-1-5-6 |
Anonymous Logon (Null Logon) | S-1-5-7 |
Proxy | S-1-5-8 |
Server Logon (Domain Controller) | S-1-5-9 |
Self | S-1-5-10 |
Authenticated User | S-1-5-11 |
Restricted Code | S-1-5-12 |
Terminal Server | S-1-5-13 |
Logon IDs | S-1-5-5-X-Y |
NT Non-unique IDs | S-1-5-21-... |
Built-in Domain | S-1-5-32 |