WELL_KNOWN_SID_TYPE enumeration (winnt.h)
The WELL_KNOWN_SID_TYPE enumeration is a list of commonly used security identifiers (SIDs). Programs can pass these values to the CreateWellKnownSid function to create a SID from this list.
Syntax
typedef enum {
WinNullSid,
WinWorldSid,
WinLocalSid,
WinCreatorOwnerSid,
WinCreatorGroupSid,
WinCreatorOwnerServerSid,
WinCreatorGroupServerSid,
WinNtAuthoritySid,
WinDialupSid,
WinNetworkSid,
WinBatchSid,
WinInteractiveSid,
WinServiceSid,
WinAnonymousSid,
WinProxySid,
WinEnterpriseControllersSid,
WinSelfSid,
WinAuthenticatedUserSid,
WinRestrictedCodeSid,
WinTerminalServerSid,
WinRemoteLogonIdSid,
WinLogonIdsSid,
WinLocalSystemSid,
WinLocalServiceSid,
WinNetworkServiceSid,
WinBuiltinDomainSid,
WinBuiltinAdministratorsSid,
WinBuiltinUsersSid,
WinBuiltinGuestsSid,
WinBuiltinPowerUsersSid,
WinBuiltinAccountOperatorsSid,
WinBuiltinSystemOperatorsSid,
WinBuiltinPrintOperatorsSid,
WinBuiltinBackupOperatorsSid,
WinBuiltinReplicatorSid,
WinBuiltinPreWindows2000CompatibleAccessSid,
WinBuiltinRemoteDesktopUsersSid,
WinBuiltinNetworkConfigurationOperatorsSid,
WinAccountAdministratorSid,
WinAccountGuestSid,
WinAccountKrbtgtSid,
WinAccountDomainAdminsSid,
WinAccountDomainUsersSid,
WinAccountDomainGuestsSid,
WinAccountComputersSid,
WinAccountControllersSid,
WinAccountCertAdminsSid,
WinAccountSchemaAdminsSid,
WinAccountEnterpriseAdminsSid,
WinAccountPolicyAdminsSid,
WinAccountRasAndIasServersSid,
WinNTLMAuthenticationSid,
WinDigestAuthenticationSid,
WinSChannelAuthenticationSid,
WinThisOrganizationSid,
WinOtherOrganizationSid,
WinBuiltinIncomingForestTrustBuildersSid,
WinBuiltinPerfMonitoringUsersSid,
WinBuiltinPerfLoggingUsersSid,
WinBuiltinAuthorizationAccessSid,
WinBuiltinTerminalServerLicenseServersSid,
WinBuiltinDCOMUsersSid,
WinBuiltinIUsersSid,
WinIUserSid,
WinBuiltinCryptoOperatorsSid,
WinUntrustedLabelSid,
WinLowLabelSid,
WinMediumLabelSid,
WinHighLabelSid,
WinSystemLabelSid,
WinWriteRestrictedCodeSid,
WinCreatorOwnerRightsSid,
WinCacheablePrincipalsGroupSid,
WinNonCacheablePrincipalsGroupSid,
WinEnterpriseReadonlyControllersSid,
WinAccountReadonlyControllersSid,
WinBuiltinEventLogReadersGroup,
WinNewEnterpriseReadonlyControllersSid,
WinBuiltinCertSvcDComAccessGroup,
WinMediumPlusLabelSid,
WinLocalLogonSid,
WinConsoleLogonSid,
WinThisOrganizationCertificateSid,
WinApplicationPackageAuthoritySid,
WinBuiltinAnyPackageSid,
WinCapabilityInternetClientSid,
WinCapabilityInternetClientServerSid,
WinCapabilityPrivateNetworkClientServerSid,
WinCapabilityPicturesLibrarySid,
WinCapabilityVideosLibrarySid,
WinCapabilityMusicLibrarySid,
WinCapabilityDocumentsLibrarySid,
WinCapabilitySharedUserCertificatesSid,
WinCapabilityEnterpriseAuthenticationSid,
WinCapabilityRemovableStorageSid,
WinBuiltinRDSRemoteAccessServersSid,
WinBuiltinRDSEndpointServersSid,
WinBuiltinRDSManagementServersSid,
WinUserModeDriversSid,
WinBuiltinHyperVAdminsSid,
WinAccountCloneableControllersSid,
WinBuiltinAccessControlAssistanceOperatorsSid,
WinBuiltinRemoteManagementUsersSid,
WinAuthenticationAuthorityAssertedSid,
WinAuthenticationServiceAssertedSid,
WinLocalAccountSid,
WinLocalAccountAndAdministratorSid,
WinAccountProtectedUsersSid,
WinCapabilityAppointmentsSid,
WinCapabilityContactsSid,
WinAccountDefaultSystemManagedSid,
WinBuiltinDefaultSystemManagedGroupSid,
WinBuiltinStorageReplicaAdminsSid,
WinAccountKeyAdminsSid,
WinAccountEnterpriseKeyAdminsSid,
WinAuthenticationKeyTrustSid,
WinAuthenticationKeyPropertyMFASid,
WinAuthenticationKeyPropertyAttestationSid,
WinAuthenticationFreshKeyAuthSid,
WinBuiltinDeviceOwnersSid
} WELL_KNOWN_SID_TYPE;
Constants
| Name | Description |
|---|---|
| WinNullSid | Indicates a null SID. |
| WinWorldSid | Indicates a SID that matches everyone. |
| WinLocalSid | Indicates a local SID. |
| WinCreatorOwnerSid | Indicates a SID that matches the owner or creator of an object. |
| WinCreatorGroupSid | Indicates a SID that matches the creator group of an object. |
| WinCreatorOwnerServerSid | Indicates a creator owner server SID. |
| WinCreatorGroupServerSid | Indicates a creator group server SID. |
| WinNtAuthoritySid | Indicates a SID for the Windows NT authority account. |
| WinDialupSid | Indicates a SID for a dial-up account. |
| WinNetworkSid | Indicates a SID for a network account. This SID is added to the process of a token when it logs on across a network. The corresponding logon type is LOGON32_LOGON_NETWORK. |
| WinBatchSid | Indicates a SID for a batch process. This SID is added to the process of a token when it logs on as a batch job. The corresponding logon type is LOGON32_LOGON_BATCH. |
| WinInteractiveSid | Indicates a SID for an interactive account. This SID is added to the process of a token when it logs on interactively. The corresponding logon type is LOGON32_LOGON_INTERACTIVE. |
| WinServiceSid | Indicates a SID for a service. This SID is added to the process of a token when it logs on as a service. The corresponding logon type is LOGON32_LOGON_SERVICE. |
| WinAnonymousSid | Indicates a SID for the anonymous account. |
| WinProxySid | Indicates a proxy SID. |
| WinEnterpriseControllersSid | Indicates a SID for an enterprise controller. |
| WinSelfSid | Indicates a SID for self. |
| WinAuthenticatedUserSid | Indicates a SID that matches any authenticated user. |
| WinRestrictedCodeSid | Indicates a SID for restricted code. |
| WinTerminalServerSid | Indicates a SID that matches a terminal server account. |
| WinRemoteLogonIdSid | Indicates a SID that matches remote logons. |
| WinLogonIdsSid | Indicates a SID that matches logon IDs. |
| WinLocalSystemSid | Indicates a SID that matches the local system. |
| WinLocalServiceSid | Indicates a SID that matches a local service. |
| WinNetworkServiceSid | Indicates a SID that matches a network service. |
| WinBuiltinDomainSid | Indicates a SID that matches the domain account. |
| WinBuiltinAdministratorsSid | Indicates a SID that matches the administrator group. |
| WinBuiltinUsersSid | Indicates a SID that matches built-in user accounts. |
| WinBuiltinGuestsSid | Indicates a SID that matches the guest account. |
| WinBuiltinPowerUsersSid | Indicates a SID that matches the power users group. |
| WinBuiltinAccountOperatorsSid | Indicates a SID that matches the account operators account. |
| WinBuiltinSystemOperatorsSid | Indicates a SID that matches the system operators group. |
| WinBuiltinPrintOperatorsSid | Indicates a SID that matches the print operators group. |
| WinBuiltinBackupOperatorsSid | Indicates a SID that matches the backup operators group. |
| WinBuiltinReplicatorSid | Indicates a SID that matches the replicator account. |
| WinBuiltinPreWindows2000CompatibleAccessSid | Indicates a SID that matches pre-Windows 2000 compatible accounts. |
| WinBuiltinRemoteDesktopUsersSid | Indicates a SID that matches remote desktop users. |
| WinBuiltinNetworkConfigurationOperatorsSid | Indicates a SID that matches the network operators group. |
| WinAccountAdministratorSid | Indicates a SID that matches the account administrator's account. |
| WinAccountGuestSid | Indicates a SID that matches the account guest group. |
| WinAccountKrbtgtSid | Indicates a SID that matches account Kerberos target group. |
| WinAccountDomainAdminsSid | Indicates a SID that matches the account domain administrator group. |
| WinAccountDomainUsersSid | Indicates a SID that matches the account domain users group. |
| WinAccountDomainGuestsSid | Indicates a SID that matches the account domain guests group. |
| WinAccountComputersSid | Indicates a SID that matches the account computer group. |
| WinAccountControllersSid | Indicates a SID that matches the account controller group. |
| WinAccountCertAdminsSid | Indicates a SID that matches the certificate administrators group. |
| WinAccountSchemaAdminsSid | Indicates a SID that matches the schema administrators group. |
| WinAccountEnterpriseAdminsSid | Indicates a SID that matches the enterprise administrators group. |
| WinAccountPolicyAdminsSid | Indicates a SID that matches the policy administrators group. |
| WinAccountRasAndIasServersSid | Indicates a SID that matches the RAS and IAS server account. |
| WinNTLMAuthenticationSid | Indicates a SID present when the Microsoft NTLM authentication package authenticated the client. |
| WinDigestAuthenticationSid | Indicates a SID present when the Microsoft Digest authentication package authenticated the client. |
| WinSChannelAuthenticationSid | Indicates a SID present when the Secure Channel (SSL/TLS) authentication package authenticated the client. |
| WinThisOrganizationSid | Indicates a SID present when the user authenticated from within the forest or across a trust that does not have the selective authentication option enabled. If this SID is present, then WinOtherOrganizationSid cannot be present. |
| WinOtherOrganizationSid | Indicates a SID present when the user authenticated across a forest with the selective authentication option enabled. If this SID is present, then WinThisOrganizationSid cannot be present. |
| WinBuiltinIncomingForestTrustBuildersSid | Indicates a SID that allows a user to create incoming forest trusts. It is added to the token of users who are a member of the Incoming Forest Trust Builders built-in group in the root domain of the forest. |
| WinBuiltinPerfMonitoringUsersSid | Indicates a SID that matches the performance monitor user group. |
| WinBuiltinPerfLoggingUsersSid | Indicates a SID that matches the performance log user group. |
| WinBuiltinAuthorizationAccessSid | Indicates a SID that matches the Windows Authorization Access group. |
| WinBuiltinTerminalServerLicenseServersSid | Indicates a SID is present in a server that can issue terminal server licenses. |
| WinBuiltinDCOMUsersSid | Indicates a SID that matches the distributed COM user group. |
| WinBuiltinIUsersSid | Indicates a SID that matches the Internet built-in user group. |
| WinIUserSid | Indicates a SID that matches the Internet user group. |
| WinBuiltinCryptoOperatorsSid | Indicates a SID that allows a user to use cryptographic operations. It is added to the token of users who are a member of the CryptoOperators built-in group. |
| WinUntrustedLabelSid | Indicates a SID that matches an untrusted label. |
| WinLowLabelSid | Indicates a SID that matches an low level of trust label. |
| WinMediumLabelSid | Indicates a SID that matches an medium level of trust label. |
| WinHighLabelSid | Indicates a SID that matches a high level of trust label. |
| WinSystemLabelSid | Indicates a SID that matches a system label. |
| WinWriteRestrictedCodeSid | Indicates a SID that matches a write restricted code group. |
| WinCreatorOwnerRightsSid | Indicates a SID that matches a creator and owner rights group. |
| WinCacheablePrincipalsGroupSid | Indicates a SID that matches a cacheable principals group. |
| WinNonCacheablePrincipalsGroupSid | Indicates a SID that matches a non-cacheable principals group. |
| WinEnterpriseReadonlyControllersSid | Indicates a SID that matches an enterprise wide read-only controllers group. |
| WinAccountReadonlyControllersSid | Indicates a SID that matches an account read-only controllers group. |
| WinBuiltinEventLogReadersGroup | Indicates a SID that matches an event log readers group. |
| WinNewEnterpriseReadonlyControllersSid | Indicates a SID that matches a read-only enterprise domain controller. |
| WinBuiltinCertSvcDComAccessGroup | Indicates a SID that matches the built-in DCOM certification services access group. |
| WinMediumPlusLabelSid | Indicates a SID that matches the medium plus integrity label. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinLocalLogonSid | Indicates a SID that matches a local logon group. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinConsoleLogonSid | Indicates a SID that matches a console logon group. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinThisOrganizationCertificateSid | Indicates a SID that matches a certificate for the given organization. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinApplicationPackageAuthoritySid | Indicates a SID that matches the application package authority. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinBuiltinAnyPackageSid | Indicates a SID that applies to all app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinCapabilityInternetClientSid | Indicates a SID of Internet client capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinCapabilityInternetClientServerSid | Indicates a SID of Internet client and server capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinCapabilityPrivateNetworkClientServerSid | Indicates a SID of private network client and server capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinCapabilityPicturesLibrarySid | Indicates a SID for pictures library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinCapabilityVideosLibrarySid | Indicates a SID for videos library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinCapabilityMusicLibrarySid | Indicates a SID for music library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinCapabilityDocumentsLibrarySid | Indicates a SID for documents library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinCapabilitySharedUserCertificatesSid | Indicates a SID for shared user certificates capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinCapabilityEnterpriseAuthenticationSid | Indicates a SID for Windows credentials capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinCapabilityRemovableStorageSid | Indicates a SID for removable storage capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
| WinBuiltinRDSRemoteAccessServersSid | |
| WinBuiltinRDSEndpointServersSid | |
| WinBuiltinRDSManagementServersSid | |
| WinUserModeDriversSid | |
| WinBuiltinHyperVAdminsSid | |
| WinAccountCloneableControllersSid | |
| WinBuiltinAccessControlAssistanceOperatorsSid | |
| WinBuiltinRemoteManagementUsersSid | |
| WinAuthenticationAuthorityAssertedSid | |
| WinAuthenticationServiceAssertedSid | |
| WinLocalAccountSid | |
| WinLocalAccountAndAdministratorSid | |
| WinAccountProtectedUsersSid | |
| WinCapabilityAppointmentsSid | |
| WinCapabilityContactsSid | |
| WinAccountDefaultSystemManagedSid | |
| WinBuiltinDefaultSystemManagedGroupSid | |
| WinBuiltinStorageReplicaAdminsSid | |
| WinAccountKeyAdminsSid | |
| WinAccountEnterpriseKeyAdminsSid | |
| WinAuthenticationKeyTrustSid | |
| WinAuthenticationKeyPropertyMFASid | |
| WinAuthenticationKeyPropertyAttestationSid | |
| WinAuthenticationFreshKeyAuthSid | |
| WinBuiltinDeviceOwnersSid |
Requirements
| Minimum supported client | Windows XP [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Header | winnt.h (include Windows.h) |