AllocateAndInitializeSid function (securitybaseapi.h)

The AllocateAndInitializeSid function allocates and initializes a security identifier (SID) with up to eight subauthorities.


BOOL AllocateAndInitializeSid(
  [in]  PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority,
  [in]  BYTE                      nSubAuthorityCount,
  [in]  DWORD                     nSubAuthority0,
  [in]  DWORD                     nSubAuthority1,
  [in]  DWORD                     nSubAuthority2,
  [in]  DWORD                     nSubAuthority3,
  [in]  DWORD                     nSubAuthority4,
  [in]  DWORD                     nSubAuthority5,
  [in]  DWORD                     nSubAuthority6,
  [in]  DWORD                     nSubAuthority7,
  [out] PSID                      *pSid


[in] pIdentifierAuthority

A pointer to a SID_IDENTIFIER_AUTHORITY structure. This structure provides the top-level identifier authority value to set in the SID.

[in] nSubAuthorityCount

Specifies the number of subauthorities to place in the SID. This parameter also identifies how many of the subauthority parameters have meaningful values. This parameter must contain a value from 1 to 8.

For example, a value of 3 indicates that the subauthority values specified by the dwSubAuthority0, dwSubAuthority1, and dwSubAuthority2 parameters have meaningful values and to ignore the remainder.

[in] nSubAuthority0

Subauthority value to place in the SID.

[in] nSubAuthority1

Subauthority value to place in the SID.

[in] nSubAuthority2

Subauthority value to place in the SID.

[in] nSubAuthority3

Subauthority value to place in the SID.

[in] nSubAuthority4

Subauthority value to place in the SID.

[in] nSubAuthority5

Subauthority value to place in the SID.

[in] nSubAuthority6

Subauthority value to place in the SID.

[in] nSubAuthority7

Subauthority value to place in the SID.

[out] pSid

A pointer to a variable that receives the pointer to the allocated and initialized SID structure.

Return value

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError.


A SID allocated with the AllocateAndInitializeSid function must be freed by using the FreeSid function.

This function creates a SID with a 32-bit RID value. For applications that require longer RID values, use CreateWellKnownSid.


For an example that uses this function, see Creating a Security Descriptor for a New Object or Taking Object Ownership.


Minimum supported client Windows XP [desktop apps | UWP apps]
Minimum supported server Windows Server 2003 [desktop apps | UWP apps]
Target Platform Windows
Header securitybaseapi.h (include Windows.h)
Library Advapi32.lib
DLL Advapi32.dll

See also

Access Control

Basic Access Control Functions





Well-known SIDs