WELL_KNOWN_SID_TYPE enumeration
Applies to: desktop apps only
The WELL_KNOWN_SID_TYPE enumeration is a list of commonly used security identifiers (SIDs). Programs can pass these values to the CreateWellKnownSid function to create a SID from this list.
Syntax
typedef enum {
WinNullSid = 0,
WinWorldSid = 1,
WinLocalSid = 2,
WinCreatorOwnerSid = 3,
WinCreatorGroupSid = 4,
WinCreatorOwnerServerSid = 5,
WinCreatorGroupServerSid = 6,
WinNtAuthoritySid = 7,
WinDialupSid = 8,
WinNetworkSid = 9,
WinBatchSid = 10,
WinInteractiveSid = 11,
WinServiceSid = 12,
WinAnonymousSid = 13,
WinProxySid = 14,
WinEnterpriseControllersSid = 15,
WinSelfSid = 16,
WinAuthenticatedUserSid = 17,
WinRestrictedCodeSid = 18,
WinTerminalServerSid = 19,
WinRemoteLogonIdSid = 20,
WinLogonIdsSid = 21,
WinLocalSystemSid = 22,
WinLocalServiceSid = 23,
WinNetworkServiceSid = 24,
WinBuiltinDomainSid = 25,
WinBuiltinAdministratorsSid = 26,
WinBuiltinUsersSid = 27,
WinBuiltinGuestsSid = 28,
WinBuiltinPowerUsersSid = 29,
WinBuiltinAccountOperatorsSid = 30,
WinBuiltinSystemOperatorsSid = 31,
WinBuiltinPrintOperatorsSid = 32,
WinBuiltinBackupOperatorsSid = 33,
WinBuiltinReplicatorSid = 34,
WinBuiltinPreWindows2000CompatibleAccessSid = 35,
WinBuiltinRemoteDesktopUsersSid = 36,
WinBuiltinNetworkConfigurationOperatorsSid = 37,
WinAccountAdministratorSid = 38,
WinAccountGuestSid = 39,
WinAccountKrbtgtSid = 40,
WinAccountDomainAdminsSid = 41,
WinAccountDomainUsersSid = 42,
WinAccountDomainGuestsSid = 43,
WinAccountComputersSid = 44,
WinAccountControllersSid = 45,
WinAccountCertAdminsSid = 46,
WinAccountSchemaAdminsSid = 47,
WinAccountEnterpriseAdminsSid = 48,
WinAccountPolicyAdminsSid = 49,
WinAccountRasAndIasServersSid = 50,
WinNTLMAuthenticationSid = 51,
WinDigestAuthenticationSid = 52,
WinSChannelAuthenticationSid = 53,
WinThisOrganizationSid = 54,
WinOtherOrganizationSid = 55,
WinBuiltinIncomingForestTrustBuildersSid = 56,
WinBuiltinPerfMonitoringUsersSid = 57,
WinBuiltinPerfLoggingUsersSid = 58,
WinBuiltinAuthorizationAccessSid = 59,
WinBuiltinTerminalServerLicenseServersSid = 60,
WinBuiltinDCOMUsersSid = 61,
WinBuiltinIUsersSid = 62,
WinIUserSid = 63,
WinBuiltinCryptoOperatorsSid = 64,
WinUntrustedLabelSid = 65,
WinLowLabelSid = 66,
WinMediumLabelSid = 67,
WinHighLabelSid = 68,
WinSystemLabelSid = 69,
WinWriteRestrictedCodeSid = 70,
WinCreatorOwnerRightsSid = 71,
WinCacheablePrincipalsGroupSid = 72,
WinNonCacheablePrincipalsGroupSid = 73,
WinEnterpriseReadonlyControllersSid = 74,
WinAccountReadonlyControllersSid = 75,
WinBuiltinEventLogReadersGroup = 76,
WinNewEnterpriseReadonlyControllersSid = 77,
WinBuiltinCertSvcDComAccessGroup = 78,
WinMediumPlusLabelSid = 79,
WinLocalLogonSid = 80,
WinConsoleLogonSid = 81,
WinThisOrganizationCertificateSid = 82,
WinApplicationPackageAuthoritySid = 83,
WinBuiltinAnyPackageSid = 84,
WinCapabilityInternetClientSid = 85,
WinCapabilityInternetClientServerSid = 86,
WinCapabilityPrivateNetworkClientServerSid = 87,
WinCapabilityPicturesLibrarySid = 88,
WinCapabilityVideosLibrarySid = 89,
WinCapabilityMusicLibrarySid = 90,
WinCapabilityDocumentsLibrarySid = 91,
WinCapabilitySharedUserCertificatesSid = 92,
WinCapabilityDefaultWindowsCredentialsSid = 93,
WinCapabilityRemovableStorageSid = 94
} WELL_KNOWN_SID_TYPE;
Constants
- WinNullSid
-
Indicates a null SID.
- WinWorldSid
-
Indicates a SID that matches everyone.
- WinLocalSid
-
Indicates a local SID.
- WinCreatorOwnerSid
-
Indicates a SID that matches the owner or creator of an object.
- WinCreatorGroupSid
-
Indicates a SID that matches the creator group of an object.
- WinCreatorOwnerServerSid
-
Indicates a creator owner server SID.
- WinCreatorGroupServerSid
-
Indicates a creator group server SID.
- WinNtAuthoritySid
-
Indicates a SID for the Windows NT authority account.
- WinDialupSid
-
Indicates a SID for a dial-up account.
- WinNetworkSid
-
Indicates a SID for a network account. This SID is added to the process of a token when it logs on across a network. The corresponding logon type is LOGON32_LOGON_NETWORK.
- WinBatchSid
-
Indicates a SID for a batch process. This SID is added to the process of a token when it logs on as a batch job. The corresponding logon type is LOGON32_LOGON_BATCH.
- WinInteractiveSid
-
Indicates a SID for an interactive account. This SID is added to the process of a token when it logs on interactively. The corresponding logon type is LOGON32_LOGON_INTERACTIVE.
- WinServiceSid
-
Indicates a SID for a service. This SID is added to the process of a token when it logs on as a service. The corresponding logon type is LOGON32_LOGON_SERVICE.
- WinAnonymousSid
-
Indicates a SID for the anonymous account.
- WinProxySid
-
Indicates a proxy SID.
- WinEnterpriseControllersSid
-
Indicates a SID for an enterprise controller.
- WinSelfSid
-
Indicates a SID for self.
- WinAuthenticatedUserSid
-
Indicates a SID that matches any authenticated user.
- WinRestrictedCodeSid
-
Indicates a SID for restricted code.
- WinTerminalServerSid
-
Indicates a SID that matches a terminal server account.
- WinRemoteLogonIdSid
-
Indicates a SID that matches remote logons.
- WinLogonIdsSid
-
Indicates a SID that matches logon IDs.
- WinLocalSystemSid
-
Indicates a SID that matches the local system.
- WinLocalServiceSid
-
Indicates a SID that matches a local service.
- WinNetworkServiceSid
-
Indicates a SID that matches a network service.
- WinBuiltinDomainSid
-
Indicates a SID that matches the domain account.
- WinBuiltinAdministratorsSid
-
Indicates a SID that matches the administrator group.
- WinBuiltinUsersSid
-
Indicates a SID that matches built-in user accounts.
- WinBuiltinGuestsSid
-
Indicates a SID that matches the guest account.
- WinBuiltinPowerUsersSid
-
Indicates a SID that matches the power users group.
- WinBuiltinAccountOperatorsSid
-
Indicates a SID that matches the account operators account.
- WinBuiltinSystemOperatorsSid
-
Indicates a SID that matches the system operators group.
- WinBuiltinPrintOperatorsSid
-
Indicates a SID that matches the print operators group.
- WinBuiltinBackupOperatorsSid
-
Indicates a SID that matches the backup operators group.
- WinBuiltinReplicatorSid
-
Indicates a SID that matches the replicator account.
- WinBuiltinPreWindows2000CompatibleAccessSid
-
Indicates a SID that matches pre-Windows 2000 compatible accounts.
- WinBuiltinRemoteDesktopUsersSid
-
Indicates a SID that matches remote desktop users.
- WinBuiltinNetworkConfigurationOperatorsSid
-
Indicates a SID that matches the network operators group.
- WinAccountAdministratorSid
-
Indicates a SID that matches the account administrator's account.
- WinAccountGuestSid
-
Indicates a SID that matches the account guest group.
- WinAccountKrbtgtSid
-
Indicates a SID that matches account Kerberos target group.
- WinAccountDomainAdminsSid
-
Indicates a SID that matches the account domain administrator group.
- WinAccountDomainUsersSid
-
Indicates a SID that matches the account domain users group.
- WinAccountDomainGuestsSid
-
Indicates a SID that matches the account domain guests group.
- WinAccountComputersSid
-
Indicates a SID that matches the account computer group.
- WinAccountControllersSid
-
Indicates a SID that matches the account controller group.
- WinAccountCertAdminsSid
-
Indicates a SID that matches the certificate administrators group.
- WinAccountSchemaAdminsSid
-
Indicates a SID that matches the schema administrators group.
- WinAccountEnterpriseAdminsSid
-
Indicates a SID that matches the enterprise administrators group.
- WinAccountPolicyAdminsSid
-
Indicates a SID that matches the policy administrators group.
- WinAccountRasAndIasServersSid
-
Indicates a SID that matches the RAS and IAS server account.
- WinNTLMAuthenticationSid
-
Indicates a SID present when the Microsoft NTLM authentication package authenticated the client.
- WinDigestAuthenticationSid
-
Indicates a SID present when the Microsoft Digest authentication package authenticated the client.
- WinSChannelAuthenticationSid
-
Indicates a SID present when the Secure Channel (SSL/TLS) authentication package authenticated the client.
- WinThisOrganizationSid
-
Indicates a SID present when the user authenticated from within the forest or across a trust that does not have the selective authentication option enabled. If this SID is present, then WinOtherOrganizationSid cannot be present.
- WinOtherOrganizationSid
-
Indicates a SID present when the user authenticated across a forest with the selective authentication option enabled. If this SID is present, then WinThisOrganizationSid cannot be present.
- WinBuiltinIncomingForestTrustBuildersSid
-
Indicates a SID that allows a user to create incoming forest trusts. It is added to the token of users who are a member of the Incoming Forest Trust Builders built-in group in the root domain of the forest.
- WinBuiltinPerfMonitoringUsersSid
-
Indicates a SID that matches the performance monitor user group.
- WinBuiltinPerfLoggingUsersSid
-
Indicates a SID that matches the performance log user group.
- WinBuiltinAuthorizationAccessSid
-
Indicates a SID that matches the Windows Authorization Access group.
- WinBuiltinTerminalServerLicenseServersSid
-
Indicates a SID is present in a server that can issue terminal server licenses.
- WinBuiltinDCOMUsersSid
-
TBD
- WinBuiltinIUsersSid
-
TBD
- WinIUserSid
-
TBD
- WinBuiltinCryptoOperatorsSid
-
TBD
- WinUntrustedLabelSid
-
TBD
- WinLowLabelSid
-
TBD
- WinMediumLabelSid
-
TBD
- WinHighLabelSid
-
TBD
- WinSystemLabelSid
-
TBD
- WinWriteRestrictedCodeSid
-
TBD
- WinCreatorOwnerRightsSid
-
TBD
- WinCacheablePrincipalsGroupSid
-
TBD
- WinNonCacheablePrincipalsGroupSid
-
TBD
- WinEnterpriseReadonlyControllersSid
-
TBD
- WinAccountReadonlyControllersSid
-
TBD
- WinBuiltinEventLogReadersGroup
-
TBD
- WinNewEnterpriseReadonlyControllersSid
-
Indicates a SID that matches a read-only enterprise domain controller.
- WinBuiltinCertSvcDComAccessGroup
-
Indicates a SID that matches the built-in DCOM certification services access group.
- WinMediumPlusLabelSid
-
Indicates a SID that matches the medium plus integrity label.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinLocalLogonSid
-
TBD
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinConsoleLogonSid
-
TBD
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinThisOrganizationCertificateSid
-
TBD
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinApplicationPackageAuthoritySid
-
Indicates a SID that matches the application package authority.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinBuiltinAnyPackageSid
-
Indicates a SID that applies to all app containers.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinCapabilityInternetClientSid
-
Indicates a SID of Internet client capability for app containers.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinCapabilityInternetClientServerSid
-
Indicates a SID of Internet client and server capability for app containers.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinCapabilityPrivateNetworkClientServerSid
-
Indicates a SID of private network client and server capability for app containers.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinCapabilityPicturesLibrarySid
-
Indicates a SID for pictures library capability for app containers.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinCapabilityVideosLibrarySid
-
Indicates a SID for videos library capability for app containers.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinCapabilityMusicLibrarySid
-
Indicates a SID for music library capability for app containers.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinCapabilityDocumentsLibrarySid
-
Indicates a SID for documents library capability for app containers.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinCapabilitySharedUserCertificatesSid
-
Indicates a SID for shared user certificates capability for app containers.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinCapabilityDefaultWindowsCredentialsSid
-
Indicates a SID for Windows credentials capability for app containers.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available. - WinCapabilityRemovableStorageSid
-
Indicates a SID for removable storage capability for app containers.
Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP: This value is not available.
Requirements
|
Minimum supported client | Windows XP |
|---|---|
|
Minimum supported server | Windows Server 2003 |
|
Header |
|
See also
Send comments about this topic to Microsoft
Build date: 3/7/2012
"WinWorldSid: Indicates a SID that matches everyone"
SHOULD BE:
"WinWorldSid: Indicates a SID that matches the Everyone group (SID: S-1-1-0)"
It means that the WinWorldSid will not match every supplied SID. It will only match S-1-1-0! In practice this means that when you call IsWellKnownSid with for example your SID and WinWorldSid the function will return FALSE which may not be that obvious after reading the description.
- 12/15/2010
- QmQ
[Flags()]
public enum WellKnownSidType
{
AccountAdministratorSid = 0x26,
AccountCertAdminsSid = 0x2e,
AccountComputersSid = 0x2c,
AccountControllersSid = 0x2d,
AccountDomainAdminsSid = 0x29,
AccountDomainGuestsSid = 0x2b,
AccountDomainUsersSid = 0x2a,
AccountEnterpriseAdminsSid = 0x30,
AccountGuestSid = 0x27,
AccountKrbtgtSid = 40,
AccountPolicyAdminsSid = 0x31,
AccountRasAndIasServersSid = 50,
AccountSchemaAdminsSid = 0x2f,
AnonymousSid = 13,
AuthenticatedUserSid = 0x11,
BatchSid = 10,
BuiltinAccountOperatorsSid = 30,
BuiltinAdministratorsSid = 0x1a,
BuiltinAuthorizationAccessSid = 0x3b,
BuiltinBackupOperatorsSid = 0x21,
BuiltinDomainSid = 0x19,
BuiltinGuestsSid = 0x1c,
BuiltinIncomingForestTrustBuildersSid = 0x38,
BuiltinNetworkConfigurationOperatorsSid = 0x25,
BuiltinPerformanceLoggingUsersSid = 0x3a,
BuiltinPerformanceMonitoringUsersSid = 0x39,
BuiltinPowerUsersSid = 0x1d,
BuiltinPreWindows2000CompatibleAccessSid = 0x23,
BuiltinPrintOperatorsSid = 0x20,
BuiltinRemoteDesktopUsersSid = 0x24,
BuiltinReplicatorSid = 0x22,
BuiltinSystemOperatorsSid = 0x1f,
BuiltinUsersSid = 0x1b,
CreatorGroupServerSid = 6,
CreatorGroupSid = 4,
CreatorOwnerServerSid = 5,
CreatorOwnerSid = 3,
DialupSid = 8,
DigestAuthenticationSid = 0x34,
EnterpriseControllersSid = 15,
InteractiveSid = 11,
LocalServiceSid = 0x17,
LocalSid = 2,
LocalSystemSid = 0x16,
LogonIdsSid = 0x15,
MaxDefined = 60,
NetworkServiceSid = 0x18,
NetworkSid = 9,
NTAuthoritySid = 7,
NtlmAuthenticationSid = 0x33,
NullSid = 0,
OtherOrganizationSid = 0x37,
ProxySid = 14,
RemoteLogonIdSid = 20,
RestrictedCodeSid = 0x12,
SChannelAuthenticationSid = 0x35,
SelfSid = 0x10,
ServiceSid = 12,
TerminalServerSid = 0x13,
ThisOrganizationSid = 0x36,
WinBuiltinTerminalServerLicenseServersSid = 60,
WorldSid = 1
}
- 5/8/2009
- dmex
<Flags()> Public Enum WellKnownSidType AccountAdministratorSid = &H26 AccountCertAdminsSid = &H2E AccountComputersSid = &H2C AccountControllersSid = &H2D AccountDomainAdminsSid = &H29 AccountDomainGuestsSid = &H2B AccountDomainUsersSid = &H2A AccountEnterpriseAdminsSid = &H30 AccountGuestSid = &H27 AccountKrbtgtSid = 40 AccountPolicyAdminsSid = &H31 AccountRasAndIasServersSid = 50 AccountSchemaAdminsSid = &H2F AnonymousSid = 13 AuthenticatedUserSid = &H11 BatchSid = 10 BuiltinAccountOperatorsSid = 30 BuiltinAdministratorsSid = &H1A BuiltinAuthorizationAccessSid = &H3B BuiltinBackupOperatorsSid = &H21 BuiltinDomainSid = &H19 BuiltinGuestsSid = &H1C BuiltinIncomingForestTrustBuildersSid = &H38 BuiltinNetworkConfigurationOperatorsSid = &H25 BuiltinPerformanceLoggingUsersSid = &H3A BuiltinPerformanceMonitoringUsersSid = &H39 BuiltinPowerUsersSid = &H1D BuiltinPreWindows2000CompatibleAccessSid = &H23 BuiltinPrintOperatorsSid = &H20 BuiltinRemoteDesktopUsersSid = &H24 BuiltinReplicatorSid = &H22 BuiltinSystemOperatorsSid = &H1F BuiltinUsersSid = &H1B CreatorGroupServerSid = 6 CreatorGroupSid = 4 CreatorOwnerServerSid = 5 CreatorOwnerSid = 3 DialupSid = 8 DigestAuthenticationSid = &H34 EnterpriseControllersSid = 15 InteractiveSid = 11 LocalServiceSid = &H17 LocalSid = 2 LocalSystemSid = &H16 LogonIdsSid = &H15 MaxDefined = 60 NetworkServiceSid = &H18 NetworkSid = 9 NTAuthoritySid = 7 NtlmAuthenticationSid = &H33 NullSid = 0 OtherOrganizationSid = &H37 ProxySid = 14 RemoteLogonIdSid = 20 RestrictedCodeSid = &H12 SChannelAuthenticationSid = &H35 SelfSid = &H10 ServiceSid = 12 TerminalServerSid = &H13 ThisOrganizationSid = &H36 WinBuiltinTerminalServerLicenseServersSid = 60 WorldSid = 1 End Enum
- 5/8/2009
- dmex
