WELL_KNOWN_SID_TYPE Enumeration

The WELL_KNOWN_SID_TYPE enumeration is a list of commonly used security identifiers (SIDs). Programs can pass these values to the CreateWellKnownSid function to create a SID from this list.

Syntax

typedef enum WELL_KNOWN_SID_TYPE {
  WinNullSid                                     ,
  WinWorldSid                                    ,
  WinLocalSid                                    ,
  WinCreatorOwnerSid                             ,
  WinCreatorGroupSid                             ,
  WinCreatorOwnerServerSid                       ,
  WinCreatorGroupServerSid                       ,
  WinNtAuthoritySid                              ,
  WinDialupSid                                   ,
  WinNetworkSid                                  ,
  WinBatchSid                                    ,
  WinInteractiveSid                              ,
  WinServiceSid                                  ,
  WinAnonymousSid                                ,
  WinProxySid                                    ,
  WinEnterpriseControllersSid                    ,
  WinSelfSid                                     ,
  WinAuthenticatedUserSid                        ,
  WinRestrictedCodeSid                           ,
  WinTerminalServerSid                           ,
  WinRemoteLogonIdSid                            ,
  WinLogonIdsSid                                 ,
  WinLocalSystemSid                              ,
  WinLocalServiceSid                             ,
  WinNetworkServiceSid                           ,
  WinBuiltinDomainSid                            ,
  WinBuiltinAdministratorsSid                    ,
  WinBuiltinUsersSid                             ,
  WinBuiltinGuestsSid                            ,
  WinBuiltinPowerUsersSid                        ,
  WinBuiltinAccountOperatorsSid                  ,
  WinBuiltinSystemOperatorsSid                   ,
  WinBuiltinPrintOperatorsSid                    ,
  WinBuiltinBackupOperatorsSid                   ,
  WinBuiltinReplicatorSid                        ,
  WinBuiltinPreWindows2000CompatibleAccessSid    ,
  WinBuiltinRemoteDesktopUsersSid                ,
  WinBuiltinNetworkConfigurationOperatorsSid     ,
  WinAccountAdministratorSid                     ,
  WinAccountGuestSid                             ,
  WinAccountKrbtgtSid                            ,
  WinAccountDomainAdminsSid                      ,
  WinAccountDomainUsersSid                       ,
  WinAccountDomainGuestsSid                      ,
  WinAccountComputersSid                         ,
  WinAccountControllersSid                       ,
  WinAccountCertAdminsSid                        ,
  WinAccountSchemaAdminsSid                      ,
  WinAccountEnterpriseAdminsSid                  ,
  WinAccountPolicyAdminsSid                      ,
  WinAccountRasAndIasServersSid                  ,
  WinNTLMAuthenticationSid                       ,
  WinDigestAuthenticationSid                     ,
  WinSChannelAuthenticationSid                   ,
  WinThisOrganizationSid                         ,
  WinOtherOrganizationSid                        ,
  WinBuiltinIncomingForestTrustBuildersSid       ,
  WinBuiltinPerfMonitoringUsersSid               ,
  WinBuiltinPerfLoggingUsersSid                  ,
  WinBuiltinAuthorizationAccessSid               ,
  WinBuiltinTerminalServerLicenseServersSid      ,
  WinBuiltinDCOMUsersSid                         ,
  WinBuiltinIUsersSid                            ,
  WinIUserSid                                    ,
  WinBuiltinCryptoOperatorsSid                   ,
  WinUntrustedLabelSid                           ,
  WinLowLabelSid                                 ,
  WinMediumLabelSid                              ,
  WinHighLabelSid                                ,
  WinSystemLabelSid                              ,
  WinWriteRestrictedCodeSid                      ,
  WinCreatorOwnerRightsSid                       ,
  WinCacheablePrincipalsGroupSid                 ,
  WinNonCacheablePrincipalsGroupSid              ,
  WinEnterpriseReadonlyControllersSid            ,
  WinAccountReadonlyControllersSid               ,
  WinBuiltinEventLogReadersGroup                 ,
  WinNewEnterpriseReadonlyControllersSid         ,
  WinBuiltinCertSvcDComAccessGroup               ,
  WinMediumPlusLabelSid                          ,
  WinLocalLogonSid                               ,
  WinConsoleLogonSid                             ,
  WinThisOrganizationCertificateSid              ,
  WinApplicationPackageAuthoritySid              ,
  WinBuiltinAnyPackageSid                        ,
  WinCapabilityInternetClientSid                 ,
  WinCapabilityInternetClientServerSid           ,
  WinCapabilityPrivateNetworkClientServerSid     ,
  WinCapabilityPicturesLibrarySid                ,
  WinCapabilityVideosLibrarySid                  ,
  WinCapabilityMusicLibrarySid                   ,
  WinCapabilityDocumentsLibrarySid               ,
  WinCapabilitySharedUserCertificatesSid         ,
  WinCapabilityEnterpriseAuthenticationSid       ,
  WinCapabilityRemovableStorageSid               ,
  WinBuiltinRDSRemoteAccessServersSid            ,
  WinBuiltinRDSEndpointServersSid                ,
  WinBuiltinRDSManagementServersSid              ,
  WinUserModeDriversSid                          ,
  WinBuiltinHyperVAdminsSid                      ,
  WinAccountCloneableControllersSid              ,
  WinBuiltinAccessControlAssistanceOperatorsSid  ,
  WinBuiltinRemoteManagementUsersSid             ,
  WinAuthenticationAuthorityAssertedSid          ,
  WinAuthenticationServiceAssertedSid            ,
  WinLocalAccountSid                             ,
  WinLocalAccountAndAdministratorSid             ,
  WinAccountProtectedUsersSid                    ,
  WinCapabilityAppointmentsSid                   ,
  WinCapabilityContactsSid                       ,
  WinAccountDefaultSystemManagedSid              ,
  WinBuiltinDefaultSystemManagedGroupSid         ,
  WinBuiltinStorageReplicaAdminsSid              ,
  WinAccountKeyAdminsSid                         ,
  WinAccountEnterpriseKeyAdminsSid               ,
  WinAuthenticationKeyTrustSid                   ,
  WinAuthenticationKeyPropertyMFASid             ,
  WinAuthenticationKeyPropertyAttestationSid     ,
  WinAuthenticationFreshKeyAuthSid               ,
  WinBuiltinDeviceOwnersSid
} ;

Constants

WinNullSid Indicates a null SID.
WinWorldSid Indicates a SID that matches everyone.
WinLocalSid Indicates a local SID.
WinCreatorOwnerSid Indicates a SID that matches the owner or creator of an object.
WinCreatorGroupSid Indicates a SID that matches the creator group of an object.
WinCreatorOwnerServerSid Indicates a creator owner server SID.
WinCreatorGroupServerSid Indicates a creator group server SID.
WinNtAuthoritySid Indicates a SID for the Windows NT authority account.
WinDialupSid Indicates a SID for a dial-up account.
WinNetworkSid Indicates a SID for a network account. This SID is added to the process of a token when it logs on across a network. The corresponding logon type is LOGON32_LOGON_NETWORK.
WinBatchSid Indicates a SID for a batch process. This SID is added to the process of a token when it logs on as a batch job. The corresponding logon type is LOGON32_LOGON_BATCH.
WinInteractiveSid Indicates a SID for an interactive account. This SID is added to the process of a token when it logs on interactively. The corresponding logon type is LOGON32_LOGON_INTERACTIVE.
WinServiceSid Indicates a SID for a service. This SID is added to the process of a token when it logs on as a service. The corresponding logon type is LOGON32_LOGON_SERVICE.
WinAnonymousSid Indicates a SID for the anonymous account.
WinProxySid Indicates a proxy SID.
WinEnterpriseControllersSid Indicates a SID for an enterprise controller.
WinSelfSid Indicates a SID for self.
WinAuthenticatedUserSid Indicates a SID that matches any authenticated user.
WinRestrictedCodeSid Indicates a SID for restricted code.
WinTerminalServerSid Indicates a SID that matches a terminal server account.
WinRemoteLogonIdSid Indicates a SID that matches remote logons.
WinLogonIdsSid Indicates a SID that matches logon IDs.
WinLocalSystemSid Indicates a SID that matches the local system.
WinLocalServiceSid Indicates a SID that matches a local service.
WinNetworkServiceSid Indicates a SID that matches a network service.
WinBuiltinDomainSid Indicates a SID that matches the domain account.
WinBuiltinAdministratorsSid Indicates a SID that matches the administrator group.
WinBuiltinUsersSid Indicates a SID that matches built-in user accounts.
WinBuiltinGuestsSid Indicates a SID that matches the guest account.
WinBuiltinPowerUsersSid Indicates a SID that matches the power users group.
WinBuiltinAccountOperatorsSid Indicates a SID that matches the account operators account.
WinBuiltinSystemOperatorsSid Indicates a SID that matches the system operators group.
WinBuiltinPrintOperatorsSid Indicates a SID that matches the print operators group.
WinBuiltinBackupOperatorsSid Indicates a SID that matches the backup operators group.
WinBuiltinReplicatorSid Indicates a SID that matches the replicator account.
WinBuiltinPreWindows2000CompatibleAccessSid Indicates a SID that matches pre-Windows 2000 compatible accounts.
WinBuiltinRemoteDesktopUsersSid Indicates a SID that matches remote desktop users.
WinBuiltinNetworkConfigurationOperatorsSid Indicates a SID that matches the network operators group.
WinAccountAdministratorSid Indicates a SID that matches the account administrator's account.
WinAccountGuestSid Indicates a SID that matches the account guest group.
WinAccountKrbtgtSid Indicates a SID that matches account Kerberos target group.
WinAccountDomainAdminsSid Indicates a SID that matches the account domain administrator group.
WinAccountDomainUsersSid Indicates a SID that matches the account domain users group.
WinAccountDomainGuestsSid Indicates a SID that matches the account domain guests group.
WinAccountComputersSid Indicates a SID that matches the account computer group.
WinAccountControllersSid Indicates a SID that matches the account controller group.
WinAccountCertAdminsSid Indicates a SID that matches the certificate administrators group.
WinAccountSchemaAdminsSid Indicates a SID that matches the schema administrators group.
WinAccountEnterpriseAdminsSid Indicates a SID that matches the enterprise administrators group.
WinAccountPolicyAdminsSid Indicates a SID that matches the policy administrators group.
WinAccountRasAndIasServersSid Indicates a SID that matches the RAS and IAS server account.
WinNTLMAuthenticationSid Indicates a SID present when the Microsoft NTLM authentication package authenticated the client.
WinDigestAuthenticationSid Indicates a SID present when the Microsoft Digest authentication package authenticated the client.
WinSChannelAuthenticationSid Indicates a SID present when the Secure Channel (SSL/TLS) authentication package authenticated the client.
WinThisOrganizationSid Indicates a SID present when the user authenticated from within the forest or across a trust that does not have the selective authentication option enabled. If this SID is present, then WinOtherOrganizationSid cannot be present.
WinOtherOrganizationSid Indicates a SID present when the user authenticated across a forest with the selective authentication option enabled. If this SID is present, then WinThisOrganizationSid cannot be present.
WinBuiltinIncomingForestTrustBuildersSid Indicates a SID that allows a user to create incoming forest trusts. It is added to the token of users who are a member of the Incoming Forest Trust Builders built-in group in the root domain of the forest.
WinBuiltinPerfMonitoringUsersSid Indicates a SID that matches the performance monitor user group.
WinBuiltinPerfLoggingUsersSid Indicates a SID that matches the performance log user group.
WinBuiltinAuthorizationAccessSid Indicates a SID that matches the Windows Authorization Access group.
WinBuiltinTerminalServerLicenseServersSid Indicates a SID is present in a server that can issue terminal server licenses.
WinBuiltinDCOMUsersSid Indicates a SID that matches the distributed COM user group.
WinBuiltinIUsersSid Indicates a SID that matches the Internet built-in user group.
WinIUserSid Indicates a SID that matches the Internet user group.
WinBuiltinCryptoOperatorsSid Indicates a SID that allows a user to use cryptographic operations. It is added to the token of users who are a member of the CryptoOperators built-in group.
WinUntrustedLabelSid Indicates a SID that matches an untrusted label.
WinLowLabelSid Indicates a SID that matches an low level of trust label.
WinMediumLabelSid Indicates a SID that matches an medium level of trust label.
WinHighLabelSid Indicates a SID that matches a high level of trust label.
WinSystemLabelSid Indicates a SID that matches a system label.
WinWriteRestrictedCodeSid Indicates a SID that matches a write restricted code group.
WinCreatorOwnerRightsSid Indicates a SID that matches a creator and owner rights group.
WinCacheablePrincipalsGroupSid Indicates a SID that matches a cacheable principals group.
WinNonCacheablePrincipalsGroupSid Indicates a SID that matches a non-cacheable principals group.
WinEnterpriseReadonlyControllersSid Indicates a SID that matches an enterprise wide read-only controllers group.
WinAccountReadonlyControllersSid Indicates a SID that matches an account read-only controllers group.
WinBuiltinEventLogReadersGroup Indicates a SID that matches an event log readers group.
WinNewEnterpriseReadonlyControllersSid Indicates a SID that matches a read-only enterprise domain controller.
WinBuiltinCertSvcDComAccessGroup Indicates a SID that matches the built-in DCOM certification services access group.
WinMediumPlusLabelSid Indicates a SID that matches the medium plus integrity label.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinLocalLogonSid Indicates a SID that matches a local logon group.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinConsoleLogonSid Indicates a SID that matches a console logon group.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinThisOrganizationCertificateSid Indicates a SID that matches a certificate for the given organization.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinApplicationPackageAuthoritySid Indicates a SID that matches the application package authority.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinBuiltinAnyPackageSid Indicates a SID that applies to all app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinCapabilityInternetClientSid Indicates a SID of Internet client capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinCapabilityInternetClientServerSid Indicates a SID of Internet client and server capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinCapabilityPrivateNetworkClientServerSid Indicates a SID of private network client and server capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinCapabilityPicturesLibrarySid Indicates a SID for pictures library capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinCapabilityVideosLibrarySid Indicates a SID for videos library capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinCapabilityMusicLibrarySid Indicates a SID for music library capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinCapabilityDocumentsLibrarySid Indicates a SID for documents library capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinCapabilitySharedUserCertificatesSid Indicates a SID for shared user certificates capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinCapabilityEnterpriseAuthenticationSid Indicates a SID for Windows credentials capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinCapabilityRemovableStorageSid Indicates a SID for removable storage capability for app containers.

Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP:  This value is not available.

WinBuiltinRDSRemoteAccessServersSid
WinBuiltinRDSEndpointServersSid
WinBuiltinRDSManagementServersSid
WinUserModeDriversSid
WinBuiltinHyperVAdminsSid
WinAccountCloneableControllersSid
WinBuiltinAccessControlAssistanceOperatorsSid
WinBuiltinRemoteManagementUsersSid
WinAuthenticationAuthorityAssertedSid
WinAuthenticationServiceAssertedSid
WinLocalAccountSid
WinLocalAccountAndAdministratorSid
WinAccountProtectedUsersSid
WinCapabilityAppointmentsSid
WinCapabilityContactsSid
WinAccountDefaultSystemManagedSid
WinBuiltinDefaultSystemManagedGroupSid
WinBuiltinStorageReplicaAdminsSid
WinAccountKeyAdminsSid
WinAccountEnterpriseKeyAdminsSid
WinAuthenticationKeyTrustSid
WinAuthenticationKeyPropertyMFASid
WinAuthenticationKeyPropertyAttestationSid
WinAuthenticationFreshKeyAuthSid
WinBuiltinDeviceOwnersSid

Requirements

   
Windows version Windows XP [desktop apps only] Windows Server 2003 [desktop apps only]
Header winnt.h (include Windows.h)

See Also

Allowing Anonymous Access

CreateWellKnownSid

IsWellKnownSid

Well-known SIDs