Export (0) Print
Expand All

WELL_KNOWN_SID_TYPE enumeration

The WELL_KNOWN_SID_TYPE enumeration is a list of commonly used security identifiers (SIDs). Programs can pass these values to the CreateWellKnownSid function to create a SID from this list.

Syntax


typedef enum  { 
  WinNullSid                                   = 0,
  WinWorldSid                                  = 1,
  WinLocalSid                                  = 2,
  WinCreatorOwnerSid                           = 3,
  WinCreatorGroupSid                           = 4,
  WinCreatorOwnerServerSid                     = 5,
  WinCreatorGroupServerSid                     = 6,
  WinNtAuthoritySid                            = 7,
  WinDialupSid                                 = 8,
  WinNetworkSid                                = 9,
  WinBatchSid                                  = 10,
  WinInteractiveSid                            = 11,
  WinServiceSid                                = 12,
  WinAnonymousSid                              = 13,
  WinProxySid                                  = 14,
  WinEnterpriseControllersSid                  = 15,
  WinSelfSid                                   = 16,
  WinAuthenticatedUserSid                      = 17,
  WinRestrictedCodeSid                         = 18,
  WinTerminalServerSid                         = 19,
  WinRemoteLogonIdSid                          = 20,
  WinLogonIdsSid                               = 21,
  WinLocalSystemSid                            = 22,
  WinLocalServiceSid                           = 23,
  WinNetworkServiceSid                         = 24,
  WinBuiltinDomainSid                          = 25,
  WinBuiltinAdministratorsSid                  = 26,
  WinBuiltinUsersSid                           = 27,
  WinBuiltinGuestsSid                          = 28,
  WinBuiltinPowerUsersSid                      = 29,
  WinBuiltinAccountOperatorsSid                = 30,
  WinBuiltinSystemOperatorsSid                 = 31,
  WinBuiltinPrintOperatorsSid                  = 32,
  WinBuiltinBackupOperatorsSid                 = 33,
  WinBuiltinReplicatorSid                      = 34,
  WinBuiltinPreWindows2000CompatibleAccessSid  = 35,
  WinBuiltinRemoteDesktopUsersSid              = 36,
  WinBuiltinNetworkConfigurationOperatorsSid   = 37,
  WinAccountAdministratorSid                   = 38,
  WinAccountGuestSid                           = 39,
  WinAccountKrbtgtSid                          = 40,
  WinAccountDomainAdminsSid                    = 41,
  WinAccountDomainUsersSid                     = 42,
  WinAccountDomainGuestsSid                    = 43,
  WinAccountComputersSid                       = 44,
  WinAccountControllersSid                     = 45,
  WinAccountCertAdminsSid                      = 46,
  WinAccountSchemaAdminsSid                    = 47,
  WinAccountEnterpriseAdminsSid                = 48,
  WinAccountPolicyAdminsSid                    = 49,
  WinAccountRasAndIasServersSid                = 50,
  WinNTLMAuthenticationSid                     = 51,
  WinDigestAuthenticationSid                   = 52,
  WinSChannelAuthenticationSid                 = 53,
  WinThisOrganizationSid                       = 54,
  WinOtherOrganizationSid                      = 55,
  WinBuiltinIncomingForestTrustBuildersSid     = 56,
  WinBuiltinPerfMonitoringUsersSid             = 57,
  WinBuiltinPerfLoggingUsersSid                = 58,
  WinBuiltinAuthorizationAccessSid             = 59,
  WinBuiltinTerminalServerLicenseServersSid    = 60,
  WinBuiltinDCOMUsersSid                       = 61,
  WinBuiltinIUsersSid                          = 62,
  WinIUserSid                                  = 63,
  WinBuiltinCryptoOperatorsSid                 = 64,
  WinUntrustedLabelSid                         = 65,
  WinLowLabelSid                               = 66,
  WinMediumLabelSid                            = 67,
  WinHighLabelSid                              = 68,
  WinSystemLabelSid                            = 69,
  WinWriteRestrictedCodeSid                    = 70,
  WinCreatorOwnerRightsSid                     = 71,
  WinCacheablePrincipalsGroupSid               = 72,
  WinNonCacheablePrincipalsGroupSid            = 73,
  WinEnterpriseReadonlyControllersSid          = 74,
  WinAccountReadonlyControllersSid             = 75,
  WinBuiltinEventLogReadersGroup               = 76,
  WinNewEnterpriseReadonlyControllersSid       = 77,
  WinBuiltinCertSvcDComAccessGroup             = 78,
  WinMediumPlusLabelSid                        = 79,
  WinLocalLogonSid                             = 80,
  WinConsoleLogonSid                           = 81,
  WinThisOrganizationCertificateSid            = 82,
  WinApplicationPackageAuthoritySid            = 83,
  WinBuiltinAnyPackageSid                      = 84,
  WinCapabilityInternetClientSid               = 85,
  WinCapabilityInternetClientServerSid         = 86,
  WinCapabilityPrivateNetworkClientServerSid   = 87,
  WinCapabilityPicturesLibrarySid              = 88,
  WinCapabilityVideosLibrarySid                = 89,
  WinCapabilityMusicLibrarySid                 = 90,
  WinCapabilityDocumentsLibrarySid             = 91,
  WinCapabilitySharedUserCertificatesSid       = 92,
  WinCapabilityEnterpriseAuthenticationSid     = 93,
  WinCapabilityRemovableStorageSid             = 94
} WELL_KNOWN_SID_TYPE;

Constants

WinNullSid

Indicates a null SID.

WinWorldSid

Indicates a SID that matches everyone.

WinLocalSid

Indicates a local SID.

WinCreatorOwnerSid

Indicates a SID that matches the owner or creator of an object.

WinCreatorGroupSid

Indicates a SID that matches the creator group of an object.

WinCreatorOwnerServerSid

Indicates a creator owner server SID.

WinCreatorGroupServerSid

Indicates a creator group server SID.

WinNtAuthoritySid

Indicates a SID for the Windows NT authority account.

WinDialupSid

Indicates a SID for a dial-up account.

WinNetworkSid

Indicates a SID for a network account. This SID is added to the process of a token when it logs on across a network. The corresponding logon type is LOGON32_LOGON_NETWORK.

WinBatchSid

Indicates a SID for a batch process. This SID is added to the process of a token when it logs on as a batch job. The corresponding logon type is LOGON32_LOGON_BATCH.

WinInteractiveSid

Indicates a SID for an interactive account. This SID is added to the process of a token when it logs on interactively. The corresponding logon type is LOGON32_LOGON_INTERACTIVE.

WinServiceSid

Indicates a SID for a service. This SID is added to the process of a token when it logs on as a service. The corresponding logon type is LOGON32_LOGON_SERVICE.

WinAnonymousSid

Indicates a SID for the anonymous account.

WinProxySid

Indicates a proxy SID.

WinEnterpriseControllersSid

Indicates a SID for an enterprise controller.

WinSelfSid

Indicates a SID for self.

WinAuthenticatedUserSid

Indicates a SID that matches any authenticated user.

WinRestrictedCodeSid

Indicates a SID for restricted code.

WinTerminalServerSid

Indicates a SID that matches a terminal server account.

WinRemoteLogonIdSid

Indicates a SID that matches remote logons.

WinLogonIdsSid

Indicates a SID that matches logon IDs.

WinLocalSystemSid

Indicates a SID that matches the local system.

WinLocalServiceSid

Indicates a SID that matches a local service.

WinNetworkServiceSid

Indicates a SID that matches a network service.

WinBuiltinDomainSid

Indicates a SID that matches the domain account.

WinBuiltinAdministratorsSid

Indicates a SID that matches the administrator group.

WinBuiltinUsersSid

Indicates a SID that matches built-in user accounts.

WinBuiltinGuestsSid

Indicates a SID that matches the guest account.

WinBuiltinPowerUsersSid

Indicates a SID that matches the power users group.

WinBuiltinAccountOperatorsSid

Indicates a SID that matches the account operators account.

WinBuiltinSystemOperatorsSid

Indicates a SID that matches the system operators group.

WinBuiltinPrintOperatorsSid

Indicates a SID that matches the print operators group.

WinBuiltinBackupOperatorsSid

Indicates a SID that matches the backup operators group.

WinBuiltinReplicatorSid

Indicates a SID that matches the replicator account.

WinBuiltinPreWindows2000CompatibleAccessSid

Indicates a SID that matches pre-Windows 2000 compatible accounts.

WinBuiltinRemoteDesktopUsersSid

Indicates a SID that matches remote desktop users.

WinBuiltinNetworkConfigurationOperatorsSid

Indicates a SID that matches the network operators group.

WinAccountAdministratorSid

Indicates a SID that matches the account administrator's account.

WinAccountGuestSid

Indicates a SID that matches the account guest group.

WinAccountKrbtgtSid

Indicates a SID that matches account Kerberos target group.

WinAccountDomainAdminsSid

Indicates a SID that matches the account domain administrator group.

WinAccountDomainUsersSid

Indicates a SID that matches the account domain users group.

WinAccountDomainGuestsSid

Indicates a SID that matches the account domain guests group.

WinAccountComputersSid

Indicates a SID that matches the account computer group.

WinAccountControllersSid

Indicates a SID that matches the account controller group.

WinAccountCertAdminsSid

Indicates a SID that matches the certificate administrators group.

WinAccountSchemaAdminsSid

Indicates a SID that matches the schema administrators group.

WinAccountEnterpriseAdminsSid

Indicates a SID that matches the enterprise administrators group.

WinAccountPolicyAdminsSid

Indicates a SID that matches the policy administrators group.

WinAccountRasAndIasServersSid

Indicates a SID that matches the RAS and IAS server account.

WinNTLMAuthenticationSid

Indicates a SID present when the Microsoft NTLM authentication package authenticated the client.

WinDigestAuthenticationSid

Indicates a SID present when the Microsoft Digest authentication package authenticated the client.

WinSChannelAuthenticationSid

Indicates a SID present when the Secure Channel (SSL/TLS) authentication package authenticated the client.

WinThisOrganizationSid

Indicates a SID present when the user authenticated from within the forest or across a trust that does not have the selective authentication option enabled. If this SID is present, then WinOtherOrganizationSid cannot be present.

WinOtherOrganizationSid

Indicates a SID present when the user authenticated across a forest with the selective authentication option enabled. If this SID is present, then WinThisOrganizationSid cannot be present.

WinBuiltinIncomingForestTrustBuildersSid

Indicates a SID that allows a user to create incoming forest trusts. It is added to the token of users who are a member of the Incoming Forest Trust Builders built-in group in the root domain of the forest.

WinBuiltinPerfMonitoringUsersSid

Indicates a SID that matches the performance monitor user group.

WinBuiltinPerfLoggingUsersSid

Indicates a SID that matches the performance log user group.

WinBuiltinAuthorizationAccessSid

Indicates a SID that matches the Windows Authorization Access group.

WinBuiltinTerminalServerLicenseServersSid

Indicates a SID is present in a server that can issue terminal server licenses.

WinBuiltinDCOMUsersSid

Indicates a SID that matches the distributed COM user group.

WinBuiltinIUsersSid

Indicates a SID that matches the Internet built-in user group.

WinIUserSid

Indicates a SID that matches the Internet user group.

WinBuiltinCryptoOperatorsSid

Indicates a SID that allows a user to use cryptographic operations. It is added to the token of users who are a member of the CryptoOperators built-in group.

WinUntrustedLabelSid

Indicates a SID that matches an untrusted label.

WinLowLabelSid

Indicates a SID that matches an low level of trust label.

WinMediumLabelSid

Indicates a SID that matches an medium level of trust label.

WinHighLabelSid

Indicates a SID that matches a high level of trust label.

WinSystemLabelSid

Indicates a SID that matches a system label.

WinWriteRestrictedCodeSid

Indicates a SID that matches a write restricted code group.

WinCreatorOwnerRightsSid

Indicates a SID that matches a creator and owner rights group.

WinCacheablePrincipalsGroupSid

Indicates a SID that matches a cacheable principals group.

WinNonCacheablePrincipalsGroupSid

Indicates a SID that matches a non-cacheable principals group.

WinEnterpriseReadonlyControllersSid

Indicates a SID that matches an enterprise wide read-only controllers group.

WinAccountReadonlyControllersSid

Indicates a SID that matches an account read-only controllers group.

WinBuiltinEventLogReadersGroup

Indicates a SID that matches an event log readers group.

WinNewEnterpriseReadonlyControllersSid

Indicates a SID that matches a read-only enterprise domain controller.

WinBuiltinCertSvcDComAccessGroup

Indicates a SID that matches the built-in DCOM certification services access group.

WinMediumPlusLabelSid

Indicates a SID that matches the medium plus integrity label.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinLocalLogonSid

Indicates a SID that matches a local logon group.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinConsoleLogonSid

Indicates a SID that matches a console logon group.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinThisOrganizationCertificateSid

Indicates a SID that matches a certificate for the given organization.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinApplicationPackageAuthoritySid

Indicates a SID that matches the application package authority.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinBuiltinAnyPackageSid

Indicates a SID that applies to all app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinCapabilityInternetClientSid

Indicates a SID of Internet client capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinCapabilityInternetClientServerSid

Indicates a SID of Internet client and server capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinCapabilityPrivateNetworkClientServerSid

Indicates a SID of private network client and server capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinCapabilityPicturesLibrarySid

Indicates a SID for pictures library capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinCapabilityVideosLibrarySid

Indicates a SID for videos library capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinCapabilityMusicLibrarySid

Indicates a SID for music library capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinCapabilityDocumentsLibrarySid

Indicates a SID for documents library capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinCapabilitySharedUserCertificatesSid

Indicates a SID for shared user certificates capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinCapabilityEnterpriseAuthenticationSid

Indicates a SID for Windows credentials capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

WinCapabilityRemovableStorageSid

Indicates a SID for removable storage capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP:  This value is not available.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Winnt.h (include Windows.h)

See also

Allowing Anonymous Access
Well-known SIDs
CreateWellKnownSid
IsWellKnownSid

 

 

Community Additions

ADD
Show:
© 2014 Microsoft