2.2.17 NT_Sid Type

Name: NT_Sid

Namespace: http://schemas.microsoft.com/security/

Description: The NT_Sid type is the XML representation of a SID. It can contain several pieces of information about the security identifier.

If the WebDAV client retrieves the XML representation from the WebDAV server, the following elements will appear in the representation of the NT_Sid type (as long as they are available):

• string_sid (section 2.2.17.1)

• nt4_compatible_name (section 2.2.17.2)

• type (section 2.2.17.3)

• ad_object_guid (section 2.2.17.4)

• display_name (section 2.2.17.5)

In some cases, the server returns less information. For example, if the SID cannot be looked up, the server returns only the string_sid element. For some built-in NT accounts, the server returns only the string_sid, nt4_compatible_name, and type elements.

If the WebDAV client sets the XML representation, it does not have to give all the elements, providing that one of the following elements is sufficient:

• string_sid

• nt4_compatible_name

• ad_object_guid

• display_name

The server will use only one of the elements that the client gives it to determine the SID. The server SHOULD use the element that is easiest to compute and least prone to ambiguity. The order based on ease of computation is (1) string_sid, (2) nt4_compatible_name, (3) ad_object_guid, and (4) display_name. As a last resort, the client can use the display_name element, but because it is not unique, this is not recommended.