WELL_KNOWN_SID_TYPE enumeration (winnt.h)

12/05/2018
7 minutes to read

The WELL_KNOWN_SID_TYPE enumeration is a list of commonly used security identifiers (SIDs). Programs can pass these values to the CreateWellKnownSid function to create a SID from this list.

Syntax

typedef enum  {
  WinNullSid,
  WinWorldSid,
  WinLocalSid,
  WinCreatorOwnerSid,
  WinCreatorGroupSid,
  WinCreatorOwnerServerSid,
  WinCreatorGroupServerSid,
  WinNtAuthoritySid,
  WinDialupSid,
  WinNetworkSid,
  WinBatchSid,
  WinInteractiveSid,
  WinServiceSid,
  WinAnonymousSid,
  WinProxySid,
  WinEnterpriseControllersSid,
  WinSelfSid,
  WinAuthenticatedUserSid,
  WinRestrictedCodeSid,
  WinTerminalServerSid,
  WinRemoteLogonIdSid,
  WinLogonIdsSid,
  WinLocalSystemSid,
  WinLocalServiceSid,
  WinNetworkServiceSid,
  WinBuiltinDomainSid,
  WinBuiltinAdministratorsSid,
  WinBuiltinUsersSid,
  WinBuiltinGuestsSid,
  WinBuiltinPowerUsersSid,
  WinBuiltinAccountOperatorsSid,
  WinBuiltinSystemOperatorsSid,
  WinBuiltinPrintOperatorsSid,
  WinBuiltinBackupOperatorsSid,
  WinBuiltinReplicatorSid,
  WinBuiltinPreWindows2000CompatibleAccessSid,
  WinBuiltinRemoteDesktopUsersSid,
  WinBuiltinNetworkConfigurationOperatorsSid,
  WinAccountAdministratorSid,
  WinAccountGuestSid,
  WinAccountKrbtgtSid,
  WinAccountDomainAdminsSid,
  WinAccountDomainUsersSid,
  WinAccountDomainGuestsSid,
  WinAccountComputersSid,
  WinAccountControllersSid,
  WinAccountCertAdminsSid,
  WinAccountSchemaAdminsSid,
  WinAccountEnterpriseAdminsSid,
  WinAccountPolicyAdminsSid,
  WinAccountRasAndIasServersSid,
  WinNTLMAuthenticationSid,
  WinDigestAuthenticationSid,
  WinSChannelAuthenticationSid,
  WinThisOrganizationSid,
  WinOtherOrganizationSid,
  WinBuiltinIncomingForestTrustBuildersSid,
  WinBuiltinPerfMonitoringUsersSid,
  WinBuiltinPerfLoggingUsersSid,
  WinBuiltinAuthorizationAccessSid,
  WinBuiltinTerminalServerLicenseServersSid,
  WinBuiltinDCOMUsersSid,
  WinBuiltinIUsersSid,
  WinIUserSid,
  WinBuiltinCryptoOperatorsSid,
  WinUntrustedLabelSid,
  WinLowLabelSid,
  WinMediumLabelSid,
  WinHighLabelSid,
  WinSystemLabelSid,
  WinWriteRestrictedCodeSid,
  WinCreatorOwnerRightsSid,
  WinCacheablePrincipalsGroupSid,
  WinNonCacheablePrincipalsGroupSid,
  WinEnterpriseReadonlyControllersSid,
  WinAccountReadonlyControllersSid,
  WinBuiltinEventLogReadersGroup,
  WinNewEnterpriseReadonlyControllersSid,
  WinBuiltinCertSvcDComAccessGroup,
  WinMediumPlusLabelSid,
  WinLocalLogonSid,
  WinConsoleLogonSid,
  WinThisOrganizationCertificateSid,
  WinApplicationPackageAuthoritySid,
  WinBuiltinAnyPackageSid,
  WinCapabilityInternetClientSid,
  WinCapabilityInternetClientServerSid,
  WinCapabilityPrivateNetworkClientServerSid,
  WinCapabilityPicturesLibrarySid,
  WinCapabilityVideosLibrarySid,
  WinCapabilityMusicLibrarySid,
  WinCapabilityDocumentsLibrarySid,
  WinCapabilitySharedUserCertificatesSid,
  WinCapabilityEnterpriseAuthenticationSid,
  WinCapabilityRemovableStorageSid,
  WinBuiltinRDSRemoteAccessServersSid,
  WinBuiltinRDSEndpointServersSid,
  WinBuiltinRDSManagementServersSid,
  WinUserModeDriversSid,
  WinBuiltinHyperVAdminsSid,
  WinAccountCloneableControllersSid,
  WinBuiltinAccessControlAssistanceOperatorsSid,
  WinBuiltinRemoteManagementUsersSid,
  WinAuthenticationAuthorityAssertedSid,
  WinAuthenticationServiceAssertedSid,
  WinLocalAccountSid,
  WinLocalAccountAndAdministratorSid,
  WinAccountProtectedUsersSid,
  WinCapabilityAppointmentsSid,
  WinCapabilityContactsSid,
  WinAccountDefaultSystemManagedSid,
  WinBuiltinDefaultSystemManagedGroupSid,
  WinBuiltinStorageReplicaAdminsSid,
  WinAccountKeyAdminsSid,
  WinAccountEnterpriseKeyAdminsSid,
  WinAuthenticationKeyTrustSid,
  WinAuthenticationKeyPropertyMFASid,
  WinAuthenticationKeyPropertyAttestationSid,
  WinAuthenticationFreshKeyAuthSid,
  WinBuiltinDeviceOwnersSid
} WELL_KNOWN_SID_TYPE;

Constants


`WinNullSid` Indicates a null SID.
`WinWorldSid` Indicates a SID that matches everyone.
`WinLocalSid` Indicates a local SID.
`WinCreatorOwnerSid` Indicates a SID that matches the owner or creator of an object.
`WinCreatorGroupSid` Indicates a SID that matches the creator group of an object.
`WinCreatorOwnerServerSid` Indicates a creator owner server SID.
`WinCreatorGroupServerSid` Indicates a creator group server SID.
`WinNtAuthoritySid` Indicates a SID for the Windows NT authority account.
`WinDialupSid` Indicates a SID for a dial-up account.
`WinNetworkSid` Indicates a SID for a network account. This SID is added to the process of a token when it logs on across a network. The corresponding logon type is LOGON32_LOGON_NETWORK.
`WinBatchSid` Indicates a SID for a batch process. This SID is added to the process of a token when it logs on as a batch job. The corresponding logon type is LOGON32_LOGON_BATCH.
`WinInteractiveSid` Indicates a SID for an interactive account. This SID is added to the process of a token when it logs on interactively. The corresponding logon type is LOGON32_LOGON_INTERACTIVE.
`WinServiceSid` Indicates a SID for a service. This SID is added to the process of a token when it logs on as a service. The corresponding logon type is LOGON32_LOGON_SERVICE.
`WinAnonymousSid` Indicates a SID for the anonymous account.
`WinProxySid` Indicates a proxy SID.
`WinEnterpriseControllersSid` Indicates a SID for an enterprise controller.
`WinSelfSid` Indicates a SID for self.
`WinAuthenticatedUserSid` Indicates a SID that matches any authenticated user.
`WinRestrictedCodeSid` Indicates a SID for restricted code.
`WinTerminalServerSid` Indicates a SID that matches a terminal server account.
`WinRemoteLogonIdSid` Indicates a SID that matches remote logons.
`WinLogonIdsSid` Indicates a SID that matches logon IDs.
`WinLocalSystemSid` Indicates a SID that matches the local system.
`WinLocalServiceSid` Indicates a SID that matches a local service.
`WinNetworkServiceSid` Indicates a SID that matches a network service.
`WinBuiltinDomainSid` Indicates a SID that matches the domain account.
`WinBuiltinAdministratorsSid` Indicates a SID that matches the administrator group.
`WinBuiltinUsersSid` Indicates a SID that matches built-in user accounts.
`WinBuiltinGuestsSid` Indicates a SID that matches the guest account.
`WinBuiltinPowerUsersSid` Indicates a SID that matches the power users group.
`WinBuiltinAccountOperatorsSid` Indicates a SID that matches the account operators account.
`WinBuiltinSystemOperatorsSid` Indicates a SID that matches the system operators group.
`WinBuiltinPrintOperatorsSid` Indicates a SID that matches the print operators group.
`WinBuiltinBackupOperatorsSid` Indicates a SID that matches the backup operators group.
`WinBuiltinReplicatorSid` Indicates a SID that matches the replicator account.
`WinBuiltinPreWindows2000CompatibleAccessSid` Indicates a SID that matches pre-Windows 2000 compatible accounts.
`WinBuiltinRemoteDesktopUsersSid` Indicates a SID that matches remote desktop users.
`WinBuiltinNetworkConfigurationOperatorsSid` Indicates a SID that matches the network operators group.
`WinAccountAdministratorSid` Indicates a SID that matches the account administrator's account.
`WinAccountGuestSid` Indicates a SID that matches the account guest group.
`WinAccountKrbtgtSid` Indicates a SID that matches account Kerberos target group.
`WinAccountDomainAdminsSid` Indicates a SID that matches the account domain administrator group.
`WinAccountDomainUsersSid` Indicates a SID that matches the account domain users group.
`WinAccountDomainGuestsSid` Indicates a SID that matches the account domain guests group.
`WinAccountComputersSid` Indicates a SID that matches the account computer group.
`WinAccountControllersSid` Indicates a SID that matches the account controller group.
`WinAccountCertAdminsSid` Indicates a SID that matches the certificate administrators group.
`WinAccountSchemaAdminsSid` Indicates a SID that matches the schema administrators group.
`WinAccountEnterpriseAdminsSid` Indicates a SID that matches the enterprise administrators group.
`WinAccountPolicyAdminsSid` Indicates a SID that matches the policy administrators group.
`WinAccountRasAndIasServersSid` Indicates a SID that matches the RAS and IAS server account.
`WinNTLMAuthenticationSid` Indicates a SID present when the Microsoft NTLM authentication package authenticated the client.
`WinDigestAuthenticationSid` Indicates a SID present when the Microsoft Digest authentication package authenticated the client.
`WinSChannelAuthenticationSid` Indicates a SID present when the Secure Channel (SSL/TLS) authentication package authenticated the client.
`WinThisOrganizationSid` Indicates a SID present when the user authenticated from within the forest or across a trust that does not have the selective authentication option enabled. If this SID is present, then WinOtherOrganizationSid cannot be present.
`WinOtherOrganizationSid` Indicates a SID present when the user authenticated across a forest with the selective authentication option enabled. If this SID is present, then WinThisOrganizationSid cannot be present.
`WinBuiltinIncomingForestTrustBuildersSid` Indicates a SID that allows a user to create incoming forest trusts. It is added to the token of users who are a member of the Incoming Forest Trust Builders built-in group in the root domain of the forest.
`WinBuiltinPerfMonitoringUsersSid` Indicates a SID that matches the performance monitor user group.
`WinBuiltinPerfLoggingUsersSid` Indicates a SID that matches the performance log user group.
`WinBuiltinAuthorizationAccessSid` Indicates a SID that matches the Windows Authorization Access group.
`WinBuiltinTerminalServerLicenseServersSid` Indicates a SID is present in a server that can issue terminal server licenses.
`WinBuiltinDCOMUsersSid` Indicates a SID that matches the distributed COM user group.
`WinBuiltinIUsersSid` Indicates a SID that matches the Internet built-in user group.
`WinIUserSid` Indicates a SID that matches the Internet user group.
`WinBuiltinCryptoOperatorsSid` Indicates a SID that allows a user to use cryptographic operations. It is added to the token of users who are a member of the CryptoOperators built-in group.
`WinUntrustedLabelSid` Indicates a SID that matches an untrusted label.
`WinLowLabelSid` Indicates a SID that matches an low level of trust label.
`WinMediumLabelSid` Indicates a SID that matches an medium level of trust label.
`WinHighLabelSid` Indicates a SID that matches a high level of trust label.
`WinSystemLabelSid` Indicates a SID that matches a system label.
`WinWriteRestrictedCodeSid` Indicates a SID that matches a write restricted code group.
`WinCreatorOwnerRightsSid` Indicates a SID that matches a creator and owner rights group.
`WinCacheablePrincipalsGroupSid` Indicates a SID that matches a cacheable principals group.
`WinNonCacheablePrincipalsGroupSid` Indicates a SID that matches a non-cacheable principals group.
`WinEnterpriseReadonlyControllersSid` Indicates a SID that matches an enterprise wide read-only controllers group.
`WinAccountReadonlyControllersSid` Indicates a SID that matches an account read-only controllers group.
`WinBuiltinEventLogReadersGroup` Indicates a SID that matches an event log readers group.
`WinNewEnterpriseReadonlyControllersSid` Indicates a SID that matches a read-only enterprise domain controller.
`WinBuiltinCertSvcDComAccessGroup` Indicates a SID that matches the built-in DCOM certification services access group.
`WinMediumPlusLabelSid` Indicates a SID that matches the medium plus integrity label. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinLocalLogonSid` Indicates a SID that matches a local logon group. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinConsoleLogonSid` Indicates a SID that matches a console logon group. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinThisOrganizationCertificateSid` Indicates a SID that matches a certificate for the given organization. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinApplicationPackageAuthoritySid` Indicates a SID that matches the application package authority. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinBuiltinAnyPackageSid` Indicates a SID that applies to all app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinCapabilityInternetClientSid` Indicates a SID of Internet client capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinCapabilityInternetClientServerSid` Indicates a SID of Internet client and server capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinCapabilityPrivateNetworkClientServerSid` Indicates a SID of private network client and server capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinCapabilityPicturesLibrarySid` Indicates a SID for pictures library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinCapabilityVideosLibrarySid` Indicates a SID for videos library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinCapabilityMusicLibrarySid` Indicates a SID for music library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinCapabilityDocumentsLibrarySid` Indicates a SID for documents library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinCapabilitySharedUserCertificatesSid` Indicates a SID for shared user certificates capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinCapabilityEnterpriseAuthenticationSid` Indicates a SID for Windows credentials capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinCapabilityRemovableStorageSid` Indicates a SID for removable storage capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available.
`WinBuiltinRDSRemoteAccessServersSid`
`WinBuiltinRDSEndpointServersSid`
`WinBuiltinRDSManagementServersSid`
`WinUserModeDriversSid`
`WinBuiltinHyperVAdminsSid`
`WinAccountCloneableControllersSid`
`WinBuiltinAccessControlAssistanceOperatorsSid`
`WinBuiltinRemoteManagementUsersSid`
`WinAuthenticationAuthorityAssertedSid`
`WinAuthenticationServiceAssertedSid`
`WinLocalAccountSid`
`WinLocalAccountAndAdministratorSid`
`WinAccountProtectedUsersSid`
`WinCapabilityAppointmentsSid`
`WinCapabilityContactsSid`
`WinAccountDefaultSystemManagedSid`
`WinBuiltinDefaultSystemManagedGroupSid`
`WinBuiltinStorageReplicaAdminsSid`
`WinAccountKeyAdminsSid`
`WinAccountEnterpriseKeyAdminsSid`
`WinAuthenticationKeyTrustSid`
`WinAuthenticationKeyPropertyMFASid`
`WinAuthenticationKeyPropertyAttestationSid`
`WinAuthenticationFreshKeyAuthSid`
`WinBuiltinDeviceOwnersSid`

Requirements


Minimum supported client	Windows XP [desktop apps only]
Minimum supported server	Windows Server 2003 [desktop apps only]
Header	winnt.h (include Windows.h)

WELL_KNOWN_SID_TYPE enumeration (winnt.h)

Syntax

Constants

Requirements

See also

Is this page helpful?

Is this page helpful?