Tag: SID

About

In the context of the Microsoft Windows NT line of operating systems, a Security Identifier (commonly abbreviated SID) is a unique name (an alphanumeric character string) which is assigned by a Windows Domain controller during the log on process that is used to identify an object, such as a user or a group of users in a network of NT/2000 systems.

Windows grants or denies access and privileges to resources based on access control lists (ACLs), which use SIDs to uniquely identify users and their group memberships. When a user logs into a computer, an access token is generated that contains user and group SIDs and user privilege level. When a user requests access to a resource, the access token is checked by the ACL to permit or deny particular action on a particular object.

Could someone please add here where the SID is stored. I assume it's kept in EEPROM. This is in question form, not in the way of a statement of fact. Thanks

SIDs are useful for troubleshooting issues with security audits, Windows server and domain migrations.

SID has format as follows: S-1-5-12-7623811015-3361044348-030300820-1013

• S - The string is a SID.
• 1 - The revision level.
• 5 - The identifier authority value.
• 12-7623811015-3361044348-030300820 - domain or local computer identifier
• 1013 – a Relative ID (RID)

Any group or user that is not created by default will have a Relative ID of 1000 or greater.

From http://en.wikipedia.org/wiki/Security_Identifier