WELL_KNOWN_SID_TYPE enumeration (winnt.h)
The WELL_KNOWN_SID_TYPE enumeration is a list of commonly used security identifiers (SIDs). Programs can pass these values to the CreateWellKnownSid function to create a SID from this list.
Syntax
typedef enum {
WinNullSid,
WinWorldSid,
WinLocalSid,
WinCreatorOwnerSid,
WinCreatorGroupSid,
WinCreatorOwnerServerSid,
WinCreatorGroupServerSid,
WinNtAuthoritySid,
WinDialupSid,
WinNetworkSid,
WinBatchSid,
WinInteractiveSid,
WinServiceSid,
WinAnonymousSid,
WinProxySid,
WinEnterpriseControllersSid,
WinSelfSid,
WinAuthenticatedUserSid,
WinRestrictedCodeSid,
WinTerminalServerSid,
WinRemoteLogonIdSid,
WinLogonIdsSid,
WinLocalSystemSid,
WinLocalServiceSid,
WinNetworkServiceSid,
WinBuiltinDomainSid,
WinBuiltinAdministratorsSid,
WinBuiltinUsersSid,
WinBuiltinGuestsSid,
WinBuiltinPowerUsersSid,
WinBuiltinAccountOperatorsSid,
WinBuiltinSystemOperatorsSid,
WinBuiltinPrintOperatorsSid,
WinBuiltinBackupOperatorsSid,
WinBuiltinReplicatorSid,
WinBuiltinPreWindows2000CompatibleAccessSid,
WinBuiltinRemoteDesktopUsersSid,
WinBuiltinNetworkConfigurationOperatorsSid,
WinAccountAdministratorSid,
WinAccountGuestSid,
WinAccountKrbtgtSid,
WinAccountDomainAdminsSid,
WinAccountDomainUsersSid,
WinAccountDomainGuestsSid,
WinAccountComputersSid,
WinAccountControllersSid,
WinAccountCertAdminsSid,
WinAccountSchemaAdminsSid,
WinAccountEnterpriseAdminsSid,
WinAccountPolicyAdminsSid,
WinAccountRasAndIasServersSid,
WinNTLMAuthenticationSid,
WinDigestAuthenticationSid,
WinSChannelAuthenticationSid,
WinThisOrganizationSid,
WinOtherOrganizationSid,
WinBuiltinIncomingForestTrustBuildersSid,
WinBuiltinPerfMonitoringUsersSid,
WinBuiltinPerfLoggingUsersSid,
WinBuiltinAuthorizationAccessSid,
WinBuiltinTerminalServerLicenseServersSid,
WinBuiltinDCOMUsersSid,
WinBuiltinIUsersSid,
WinIUserSid,
WinBuiltinCryptoOperatorsSid,
WinUntrustedLabelSid,
WinLowLabelSid,
WinMediumLabelSid,
WinHighLabelSid,
WinSystemLabelSid,
WinWriteRestrictedCodeSid,
WinCreatorOwnerRightsSid,
WinCacheablePrincipalsGroupSid,
WinNonCacheablePrincipalsGroupSid,
WinEnterpriseReadonlyControllersSid,
WinAccountReadonlyControllersSid,
WinBuiltinEventLogReadersGroup,
WinNewEnterpriseReadonlyControllersSid,
WinBuiltinCertSvcDComAccessGroup,
WinMediumPlusLabelSid,
WinLocalLogonSid,
WinConsoleLogonSid,
WinThisOrganizationCertificateSid,
WinApplicationPackageAuthoritySid,
WinBuiltinAnyPackageSid,
WinCapabilityInternetClientSid,
WinCapabilityInternetClientServerSid,
WinCapabilityPrivateNetworkClientServerSid,
WinCapabilityPicturesLibrarySid,
WinCapabilityVideosLibrarySid,
WinCapabilityMusicLibrarySid,
WinCapabilityDocumentsLibrarySid,
WinCapabilitySharedUserCertificatesSid,
WinCapabilityEnterpriseAuthenticationSid,
WinCapabilityRemovableStorageSid,
WinBuiltinRDSRemoteAccessServersSid,
WinBuiltinRDSEndpointServersSid,
WinBuiltinRDSManagementServersSid,
WinUserModeDriversSid,
WinBuiltinHyperVAdminsSid,
WinAccountCloneableControllersSid,
WinBuiltinAccessControlAssistanceOperatorsSid,
WinBuiltinRemoteManagementUsersSid,
WinAuthenticationAuthorityAssertedSid,
WinAuthenticationServiceAssertedSid,
WinLocalAccountSid,
WinLocalAccountAndAdministratorSid,
WinAccountProtectedUsersSid,
WinCapabilityAppointmentsSid,
WinCapabilityContactsSid,
WinAccountDefaultSystemManagedSid,
WinBuiltinDefaultSystemManagedGroupSid,
WinBuiltinStorageReplicaAdminsSid,
WinAccountKeyAdminsSid,
WinAccountEnterpriseKeyAdminsSid,
WinAuthenticationKeyTrustSid,
WinAuthenticationKeyPropertyMFASid,
WinAuthenticationKeyPropertyAttestationSid,
WinAuthenticationFreshKeyAuthSid,
WinBuiltinDeviceOwnersSid
} WELL_KNOWN_SID_TYPE;
Constants
Name | Description |
---|---|
WinNullSid | Indicates a null SID. |
WinWorldSid | Indicates a SID that matches everyone. |
WinLocalSid | Indicates a local SID. |
WinCreatorOwnerSid | Indicates a SID that matches the owner or creator of an object. |
WinCreatorGroupSid | Indicates a SID that matches the creator group of an object. |
WinCreatorOwnerServerSid | Indicates a creator owner server SID. |
WinCreatorGroupServerSid | Indicates a creator group server SID. |
WinNtAuthoritySid | Indicates a SID for the Windows NT authority account. |
WinDialupSid | Indicates a SID for a dial-up account. |
WinNetworkSid | Indicates a SID for a network account. This SID is added to the process of a token when it logs on across a network. The corresponding logon type is LOGON32_LOGON_NETWORK. |
WinBatchSid | Indicates a SID for a batch process. This SID is added to the process of a token when it logs on as a batch job. The corresponding logon type is LOGON32_LOGON_BATCH. |
WinInteractiveSid | Indicates a SID for an interactive account. This SID is added to the process of a token when it logs on interactively. The corresponding logon type is LOGON32_LOGON_INTERACTIVE. |
WinServiceSid | Indicates a SID for a service. This SID is added to the process of a token when it logs on as a service. The corresponding logon type is LOGON32_LOGON_SERVICE. |
WinAnonymousSid | Indicates a SID for the anonymous account. |
WinProxySid | Indicates a proxy SID. |
WinEnterpriseControllersSid | Indicates a SID for an enterprise controller. |
WinSelfSid | Indicates a SID for self. |
WinAuthenticatedUserSid | Indicates a SID that matches any authenticated user. |
WinRestrictedCodeSid | Indicates a SID for restricted code. |
WinTerminalServerSid | Indicates a SID that matches a terminal server account. |
WinRemoteLogonIdSid | Indicates a SID that matches remote logons. |
WinLogonIdsSid | Indicates a SID that matches logon IDs. |
WinLocalSystemSid | Indicates a SID that matches the local system. |
WinLocalServiceSid | Indicates a SID that matches a local service. |
WinNetworkServiceSid | Indicates a SID that matches a network service. |
WinBuiltinDomainSid | Indicates a SID that matches the domain account. |
WinBuiltinAdministratorsSid | Indicates a SID that matches the administrator group. |
WinBuiltinUsersSid | Indicates a SID that matches built-in user accounts. |
WinBuiltinGuestsSid | Indicates a SID that matches the guest account. |
WinBuiltinPowerUsersSid | Indicates a SID that matches the power users group. |
WinBuiltinAccountOperatorsSid | Indicates a SID that matches the account operators account. |
WinBuiltinSystemOperatorsSid | Indicates a SID that matches the system operators group. |
WinBuiltinPrintOperatorsSid | Indicates a SID that matches the print operators group. |
WinBuiltinBackupOperatorsSid | Indicates a SID that matches the backup operators group. |
WinBuiltinReplicatorSid | Indicates a SID that matches the replicator account. |
WinBuiltinPreWindows2000CompatibleAccessSid | Indicates a SID that matches pre-Windows 2000 compatible accounts. |
WinBuiltinRemoteDesktopUsersSid | Indicates a SID that matches remote desktop users. |
WinBuiltinNetworkConfigurationOperatorsSid | Indicates a SID that matches the network operators group. |
WinAccountAdministratorSid | Indicates a SID that matches the account administrator's account. |
WinAccountGuestSid | Indicates a SID that matches the account guest group. |
WinAccountKrbtgtSid | Indicates a SID that matches account Kerberos target group. |
WinAccountDomainAdminsSid | Indicates a SID that matches the account domain administrator group. |
WinAccountDomainUsersSid | Indicates a SID that matches the account domain users group. |
WinAccountDomainGuestsSid | Indicates a SID that matches the account domain guests group. |
WinAccountComputersSid | Indicates a SID that matches the account computer group. |
WinAccountControllersSid | Indicates a SID that matches the account controller group. |
WinAccountCertAdminsSid | Indicates a SID that matches the certificate administrators group. |
WinAccountSchemaAdminsSid | Indicates a SID that matches the schema administrators group. |
WinAccountEnterpriseAdminsSid | Indicates a SID that matches the enterprise administrators group. |
WinAccountPolicyAdminsSid | Indicates a SID that matches the policy administrators group. |
WinAccountRasAndIasServersSid | Indicates a SID that matches the RAS and IAS server account. |
WinNTLMAuthenticationSid | Indicates a SID present when the Microsoft NTLM authentication package authenticated the client. |
WinDigestAuthenticationSid | Indicates a SID present when the Microsoft Digest authentication package authenticated the client. |
WinSChannelAuthenticationSid | Indicates a SID present when the Secure Channel (SSL/TLS) authentication package authenticated the client. |
WinThisOrganizationSid | Indicates a SID present when the user authenticated from within the forest or across a trust that does not have the selective authentication option enabled. If this SID is present, then WinOtherOrganizationSid cannot be present. |
WinOtherOrganizationSid | Indicates a SID present when the user authenticated across a forest with the selective authentication option enabled. If this SID is present, then WinThisOrganizationSid cannot be present. |
WinBuiltinIncomingForestTrustBuildersSid | Indicates a SID that allows a user to create incoming forest trusts. It is added to the token of users who are a member of the Incoming Forest Trust Builders built-in group in the root domain of the forest. |
WinBuiltinPerfMonitoringUsersSid | Indicates a SID that matches the performance monitor user group. |
WinBuiltinPerfLoggingUsersSid | Indicates a SID that matches the performance log user group. |
WinBuiltinAuthorizationAccessSid | Indicates a SID that matches the Windows Authorization Access group. |
WinBuiltinTerminalServerLicenseServersSid | Indicates a SID is present in a server that can issue terminal server licenses. |
WinBuiltinDCOMUsersSid | Indicates a SID that matches the distributed COM user group. |
WinBuiltinIUsersSid | Indicates a SID that matches the Internet built-in user group. |
WinIUserSid | Indicates a SID that matches the Internet user group. |
WinBuiltinCryptoOperatorsSid | Indicates a SID that allows a user to use cryptographic operations. It is added to the token of users who are a member of the CryptoOperators built-in group. |
WinUntrustedLabelSid | Indicates a SID that matches an untrusted label. |
WinLowLabelSid | Indicates a SID that matches an low level of trust label. |
WinMediumLabelSid | Indicates a SID that matches an medium level of trust label. |
WinHighLabelSid | Indicates a SID that matches a high level of trust label. |
WinSystemLabelSid | Indicates a SID that matches a system label. |
WinWriteRestrictedCodeSid | Indicates a SID that matches a write restricted code group. |
WinCreatorOwnerRightsSid | Indicates a SID that matches a creator and owner rights group. |
WinCacheablePrincipalsGroupSid | Indicates a SID that matches a cacheable principals group. |
WinNonCacheablePrincipalsGroupSid | Indicates a SID that matches a non-cacheable principals group. |
WinEnterpriseReadonlyControllersSid | Indicates a SID that matches an enterprise wide read-only controllers group. |
WinAccountReadonlyControllersSid | Indicates a SID that matches an account read-only controllers group. |
WinBuiltinEventLogReadersGroup | Indicates a SID that matches an event log readers group. |
WinNewEnterpriseReadonlyControllersSid | Indicates a SID that matches a read-only enterprise domain controller. |
WinBuiltinCertSvcDComAccessGroup | Indicates a SID that matches the built-in DCOM certification services access group. |
WinMediumPlusLabelSid | Indicates a SID that matches the medium plus integrity label. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinLocalLogonSid | Indicates a SID that matches a local logon group. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinConsoleLogonSid | Indicates a SID that matches a console logon group. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinThisOrganizationCertificateSid | Indicates a SID that matches a certificate for the given organization. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinApplicationPackageAuthoritySid | Indicates a SID that matches the application package authority. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinBuiltinAnyPackageSid | Indicates a SID that applies to all app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityInternetClientSid | Indicates a SID of Internet client capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityInternetClientServerSid | Indicates a SID of Internet client and server capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityPrivateNetworkClientServerSid | Indicates a SID of private network client and server capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityPicturesLibrarySid | Indicates a SID for pictures library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityVideosLibrarySid | Indicates a SID for videos library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityMusicLibrarySid | Indicates a SID for music library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityDocumentsLibrarySid | Indicates a SID for documents library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilitySharedUserCertificatesSid | Indicates a SID for shared user certificates capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityEnterpriseAuthenticationSid | Indicates a SID for Windows credentials capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityRemovableStorageSid | Indicates a SID for removable storage capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinBuiltinRDSRemoteAccessServersSid | |
WinBuiltinRDSEndpointServersSid | |
WinBuiltinRDSManagementServersSid | |
WinUserModeDriversSid | |
WinBuiltinHyperVAdminsSid | |
WinAccountCloneableControllersSid | |
WinBuiltinAccessControlAssistanceOperatorsSid | |
WinBuiltinRemoteManagementUsersSid | |
WinAuthenticationAuthorityAssertedSid | |
WinAuthenticationServiceAssertedSid | |
WinLocalAccountSid | |
WinLocalAccountAndAdministratorSid | |
WinAccountProtectedUsersSid | |
WinCapabilityAppointmentsSid | |
WinCapabilityContactsSid | |
WinAccountDefaultSystemManagedSid | |
WinBuiltinDefaultSystemManagedGroupSid | |
WinBuiltinStorageReplicaAdminsSid | |
WinAccountKeyAdminsSid | |
WinAccountEnterpriseKeyAdminsSid | |
WinAuthenticationKeyTrustSid | |
WinAuthenticationKeyPropertyMFASid | |
WinAuthenticationKeyPropertyAttestationSid | |
WinAuthenticationFreshKeyAuthSid | |
WinBuiltinDeviceOwnersSid |
Requirements
Minimum supported client | Windows XP [desktop apps only] |
Minimum supported server | Windows Server 2003 [desktop apps only] |
Header | winnt.h (include Windows.h) |