|All||Represents all users of a client computer.|
|DistributionList||Represents a distribution list.|
|None||Represents user accounts that have been disabled or cases when the user does not have access to objects on this SharePoint site.|
|SecurityGroup||Represents a security group.|
|SharePointGroup||Represents a group of SharePoint site users.|
|User||Represents an individual user who is associated with a well-known group. If an account is not disabled, this is the default.|
Windows SharePoint Services supports the assignment of permissions to security principals. There are two types of security principals: users and groups. The Windows SharePoint Services object model defines the SPPrincipal class that provides the base functionality to assign permissions to a principal. It also defines two classes that derive from SPPrincipal - SPUser and SPGroup.
Principal types are managed for a SharePoint site by a membership provider, a role provider, or other source of user information. There are four scopes for a principal: user, distribution list, security group, and Windows SharePoint Services group. They are not mutually exclusive and can be combined for manipulation by Windows SharePoint Services applications. Security groups can allow or deny access to SharePoint sites or site objects such as files, lists, and controls. Users of SharePoint sites can be grouped into individual users, categories of users, or distribution lists. Access to SharePoint site objects can also be granted to all users of a client computer.