Export (0) Print
Expand All

2.4.1 SID_IDENTIFIER_AUTHORITY

The SID_IDENTIFIER_AUTHORITY structure represents the top-level authority of a security identifier (SID).


0

1

2

3

4

5

6

7

8

9
1
0

1

2

3

4

5

6

7

8

9
2
0

1

2

3

4

5

6

7

8

9
3
0

1

Value

...

Value (6 bytes): An array of six 8-bit unsigned integers that specify the top-level authority of a SID, RPC_SID, and LSAPR_SID_INFORMATION.

The identifier authority value identifies the domain security authority that issued the SID. The following identifier authorities are predefined for wire traffic.

Identifier Authority Meaning

NULL_SID_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00}

Specifies the NULL SID authority. It defines only the NULL well-known-SID: S-1-0-0.

WORLD_SID_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x01}

Specifies the World SID authority. It only defines the Everyone well-known-SID: S-1-1-0.

LOCAL_SID_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x02}

Specifies the Local SID authority. It defines only the Local well-known-SID: S-1-2-0.

CREATOR_SID_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x03}

Specifies the Creator SID authority. It defines the Creator Owner, Creator Group, and Creator Owner Server well-known-SIDs: S-1-3-0, S-1-3-1, and S-1-3-2. These SIDs are used as placeholders in an access control list (ACL) and are replaced by the user, group, and machine SIDs of the security principal.

NON_UNIQUE_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x04}

Not used.

SECURITY_NT_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x05}

Specifies the Windows NT security subsystem SID authority. It defines all other SIDs in the forest.

SECURITY_APP_PACKAGE_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x0F}

Specifies the application package authority. It defines application capability SIDs.

SECURITY_MANDATORY_LABEL_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x10}

Specifies the Mandatory label authority. It defines the integrity level SIDs.

SECURITY_SCOPED_POLICY_ID_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x11}

Specifies the Scoped Policy Authority. It defines all other scoped policy SIDs in the forest.<3>

SECURITY_AUTHENTICATION_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x12}

Specifies the authentication authority asserting the client’s identity. It defines only the following well-known SIDs: S-1-18-1, and S-1-18-2.<4>

 
Show:
© 2014 Microsoft