WELL_KNOWN_SID_TYPE enumeration (winnt.h)
The WELL_KNOWN_SID_TYPE enumeration is a list of commonly used security identifiers (SIDs). Programs can pass these values to the CreateWellKnownSid function to create a SID from this list.
Syntax
typedef enum {
WinNullSid = 0,
WinWorldSid = 1,
WinLocalSid = 2,
WinCreatorOwnerSid = 3,
WinCreatorGroupSid = 4,
WinCreatorOwnerServerSid = 5,
WinCreatorGroupServerSid = 6,
WinNtAuthoritySid = 7,
WinDialupSid = 8,
WinNetworkSid = 9,
WinBatchSid = 10,
WinInteractiveSid = 11,
WinServiceSid = 12,
WinAnonymousSid = 13,
WinProxySid = 14,
WinEnterpriseControllersSid = 15,
WinSelfSid = 16,
WinAuthenticatedUserSid = 17,
WinRestrictedCodeSid = 18,
WinTerminalServerSid = 19,
WinRemoteLogonIdSid = 20,
WinLogonIdsSid = 21,
WinLocalSystemSid = 22,
WinLocalServiceSid = 23,
WinNetworkServiceSid = 24,
WinBuiltinDomainSid = 25,
WinBuiltinAdministratorsSid = 26,
WinBuiltinUsersSid = 27,
WinBuiltinGuestsSid = 28,
WinBuiltinPowerUsersSid = 29,
WinBuiltinAccountOperatorsSid = 30,
WinBuiltinSystemOperatorsSid = 31,
WinBuiltinPrintOperatorsSid = 32,
WinBuiltinBackupOperatorsSid = 33,
WinBuiltinReplicatorSid = 34,
WinBuiltinPreWindows2000CompatibleAccessSid = 35,
WinBuiltinRemoteDesktopUsersSid = 36,
WinBuiltinNetworkConfigurationOperatorsSid = 37,
WinAccountAdministratorSid = 38,
WinAccountGuestSid = 39,
WinAccountKrbtgtSid = 40,
WinAccountDomainAdminsSid = 41,
WinAccountDomainUsersSid = 42,
WinAccountDomainGuestsSid = 43,
WinAccountComputersSid = 44,
WinAccountControllersSid = 45,
WinAccountCertAdminsSid = 46,
WinAccountSchemaAdminsSid = 47,
WinAccountEnterpriseAdminsSid = 48,
WinAccountPolicyAdminsSid = 49,
WinAccountRasAndIasServersSid = 50,
WinNTLMAuthenticationSid = 51,
WinDigestAuthenticationSid = 52,
WinSChannelAuthenticationSid = 53,
WinThisOrganizationSid = 54,
WinOtherOrganizationSid = 55,
WinBuiltinIncomingForestTrustBuildersSid = 56,
WinBuiltinPerfMonitoringUsersSid = 57,
WinBuiltinPerfLoggingUsersSid = 58,
WinBuiltinAuthorizationAccessSid = 59,
WinBuiltinTerminalServerLicenseServersSid = 60,
WinBuiltinDCOMUsersSid = 61,
WinBuiltinIUsersSid = 62,
WinIUserSid = 63,
WinBuiltinCryptoOperatorsSid = 64,
WinUntrustedLabelSid = 65,
WinLowLabelSid = 66,
WinMediumLabelSid = 67,
WinHighLabelSid = 68,
WinSystemLabelSid = 69,
WinWriteRestrictedCodeSid = 70,
WinCreatorOwnerRightsSid = 71,
WinCacheablePrincipalsGroupSid = 72,
WinNonCacheablePrincipalsGroupSid = 73,
WinEnterpriseReadonlyControllersSid = 74,
WinAccountReadonlyControllersSid = 75,
WinBuiltinEventLogReadersGroup = 76,
WinNewEnterpriseReadonlyControllersSid = 77,
WinBuiltinCertSvcDComAccessGroup = 78,
WinMediumPlusLabelSid = 79,
WinLocalLogonSid = 80,
WinConsoleLogonSid = 81,
WinThisOrganizationCertificateSid = 82,
WinApplicationPackageAuthoritySid = 83,
WinBuiltinAnyPackageSid = 84,
WinCapabilityInternetClientSid = 85,
WinCapabilityInternetClientServerSid = 86,
WinCapabilityPrivateNetworkClientServerSid = 87,
WinCapabilityPicturesLibrarySid = 88,
WinCapabilityVideosLibrarySid = 89,
WinCapabilityMusicLibrarySid = 90,
WinCapabilityDocumentsLibrarySid = 91,
WinCapabilitySharedUserCertificatesSid = 92,
WinCapabilityEnterpriseAuthenticationSid = 93,
WinCapabilityRemovableStorageSid = 94,
WinBuiltinRDSRemoteAccessServersSid = 95,
WinBuiltinRDSEndpointServersSid = 96,
WinBuiltinRDSManagementServersSid = 97,
WinUserModeDriversSid = 98,
WinBuiltinHyperVAdminsSid = 99,
WinAccountCloneableControllersSid = 100,
WinBuiltinAccessControlAssistanceOperatorsSid = 101,
WinBuiltinRemoteManagementUsersSid = 102,
WinAuthenticationAuthorityAssertedSid = 103,
WinAuthenticationServiceAssertedSid = 104,
WinLocalAccountSid = 105,
WinLocalAccountAndAdministratorSid = 106,
WinAccountProtectedUsersSid = 107,
WinCapabilityAppointmentsSid = 108,
WinCapabilityContactsSid = 109,
WinAccountDefaultSystemManagedSid = 110,
WinBuiltinDefaultSystemManagedGroupSid = 111,
WinBuiltinStorageReplicaAdminsSid = 112,
WinAccountKeyAdminsSid = 113,
WinAccountEnterpriseKeyAdminsSid = 114,
WinAuthenticationKeyTrustSid = 115,
WinAuthenticationKeyPropertyMFASid = 116,
WinAuthenticationKeyPropertyAttestationSid = 117,
WinAuthenticationFreshKeyAuthSid = 118,
WinBuiltinDeviceOwnersSid = 119,
WinBuiltinUserModeHardwareOperatorsSid,
WinBuiltinOpenSSHUsersSid
} WELL_KNOWN_SID_TYPE;
Constants
WinNullSid Value: 0 Indicates a null SID. |
WinWorldSid Value: 1 Indicates a SID that matches everyone. |
WinLocalSid Value: 2 Indicates a local SID. |
WinCreatorOwnerSid Value: 3 Indicates a SID that matches the owner or creator of an object. |
WinCreatorGroupSid Value: 4 Indicates a SID that matches the creator group of an object. |
WinCreatorOwnerServerSid Value: 5 Indicates a creator owner server SID. |
WinCreatorGroupServerSid Value: 6 Indicates a creator group server SID. |
WinNtAuthoritySid Value: 7 Indicates a SID for the Windows NT authority account. |
WinDialupSid Value: 8 Indicates a SID for a dial-up account. |
WinNetworkSid Value: 9 Indicates a SID for a network account. This SID is added to the process of a token when it logs on across a network. The corresponding logon type is LOGON32_LOGON_NETWORK. |
WinBatchSid Value: 10 Indicates a SID for a batch process. This SID is added to the process of a token when it logs on as a batch job. The corresponding logon type is LOGON32_LOGON_BATCH. |
WinInteractiveSid Value: 11 Indicates a SID for an interactive account. This SID is added to the process of a token when it logs on interactively. The corresponding logon type is LOGON32_LOGON_INTERACTIVE. |
WinServiceSid Value: 12 Indicates a SID for a service. This SID is added to the process of a token when it logs on as a service. The corresponding logon type is LOGON32_LOGON_SERVICE. |
WinAnonymousSid Value: 13 Indicates a SID for the anonymous account. |
WinProxySid Value: 14 Indicates a proxy SID. |
WinEnterpriseControllersSid Value: 15 Indicates a SID for an enterprise controller. |
WinSelfSid Value: 16 Indicates a SID for self. |
WinAuthenticatedUserSid Value: 17 Indicates a SID that matches any authenticated user. |
WinRestrictedCodeSid Value: 18 Indicates a SID for restricted code. |
WinTerminalServerSid Value: 19 Indicates a SID that matches a terminal server account. |
WinRemoteLogonIdSid Value: 20 Indicates a SID that matches remote logons. |
WinLogonIdsSid Value: 21 Indicates a SID that matches logon IDs. |
WinLocalSystemSid Value: 22 Indicates a SID that matches the local system. |
WinLocalServiceSid Value: 23 Indicates a SID that matches a local service. |
WinNetworkServiceSid Value: 24 Indicates a SID that matches a network service. |
WinBuiltinDomainSid Value: 25 Indicates a SID that matches the domain account. |
WinBuiltinAdministratorsSid Value: 26 Indicates a SID that matches the administrator group. |
WinBuiltinUsersSid Value: 27 Indicates a SID that matches built-in user accounts. |
WinBuiltinGuestsSid Value: 28 Indicates a SID that matches the guest account. |
WinBuiltinPowerUsersSid Value: 29 Indicates a SID that matches the power users group. |
WinBuiltinAccountOperatorsSid Value: 30 Indicates a SID that matches the account operators account. |
WinBuiltinSystemOperatorsSid Value: 31 Indicates a SID that matches the system operators group. |
WinBuiltinPrintOperatorsSid Value: 32 Indicates a SID that matches the print operators group. |
WinBuiltinBackupOperatorsSid Value: 33 Indicates a SID that matches the backup operators group. |
WinBuiltinReplicatorSid Value: 34 Indicates a SID that matches the replicator account. |
WinBuiltinPreWindows2000CompatibleAccessSid Value: 35 Indicates a SID that matches pre-Windows 2000 compatible accounts. |
WinBuiltinRemoteDesktopUsersSid Value: 36 Indicates a SID that matches remote desktop users. |
WinBuiltinNetworkConfigurationOperatorsSid Value: 37 Indicates a SID that matches the network operators group. |
WinAccountAdministratorSid Value: 38 Indicates a SID that matches the account administrator's account. |
WinAccountGuestSid Value: 39 Indicates a SID that matches the account guest group. |
WinAccountKrbtgtSid Value: 40 Indicates a SID that matches account Kerberos target group. |
WinAccountDomainAdminsSid Value: 41 Indicates a SID that matches the account domain administrator group. |
WinAccountDomainUsersSid Value: 42 Indicates a SID that matches the account domain users group. |
WinAccountDomainGuestsSid Value: 43 Indicates a SID that matches the account domain guests group. |
WinAccountComputersSid Value: 44 Indicates a SID that matches the account computer group. |
WinAccountControllersSid Value: 45 Indicates a SID that matches the account controller group. |
WinAccountCertAdminsSid Value: 46 Indicates a SID that matches the certificate administrators group. |
WinAccountSchemaAdminsSid Value: 47 Indicates a SID that matches the schema administrators group. |
WinAccountEnterpriseAdminsSid Value: 48 Indicates a SID that matches the enterprise administrators group. |
WinAccountPolicyAdminsSid Value: 49 Indicates a SID that matches the policy administrators group. |
WinAccountRasAndIasServersSid Value: 50 Indicates a SID that matches the RAS and IAS server account. |
WinNTLMAuthenticationSid Value: 51 Indicates a SID present when the Microsoft NTLM authentication package authenticated the client. |
WinDigestAuthenticationSid Value: 52 Indicates a SID present when the Microsoft Digest authentication package authenticated the client. |
WinSChannelAuthenticationSid Value: 53 Indicates a SID present when the Secure Channel (SSL/TLS) authentication package authenticated the client. |
WinThisOrganizationSid Value: 54 Indicates a SID present when the user authenticated from within the forest or across a trust that does not have the selective authentication option enabled. If this SID is present, then WinOtherOrganizationSid cannot be present. |
WinOtherOrganizationSid Value: 55 Indicates a SID present when the user authenticated across a forest with the selective authentication option enabled. If this SID is present, then WinThisOrganizationSid cannot be present. |
WinBuiltinIncomingForestTrustBuildersSid Value: 56 Indicates a SID that allows a user to create incoming forest trusts. It is added to the token of users who are a member of the Incoming Forest Trust Builders built-in group in the root domain of the forest. |
WinBuiltinPerfMonitoringUsersSid Value: 57 Indicates a SID that matches the performance monitor user group. |
WinBuiltinPerfLoggingUsersSid Value: 58 Indicates a SID that matches the performance log user group. |
WinBuiltinAuthorizationAccessSid Value: 59 Indicates a SID that matches the Windows Authorization Access group. |
WinBuiltinTerminalServerLicenseServersSid Value: 60 Indicates a SID is present in a server that can issue terminal server licenses. |
WinBuiltinDCOMUsersSid Value: 61 Indicates a SID that matches the distributed COM user group. |
WinBuiltinIUsersSid Value: 62 Indicates a SID that matches the Internet built-in user group. |
WinIUserSid Value: 63 Indicates a SID that matches the Internet user group. |
WinBuiltinCryptoOperatorsSid Value: 64 Indicates a SID that allows a user to use cryptographic operations. It is added to the token of users who are a member of the CryptoOperators built-in group. |
WinUntrustedLabelSid Value: 65 Indicates a SID that matches an untrusted label. |
WinLowLabelSid Value: 66 Indicates a SID that matches a low level of trust label. |
WinMediumLabelSid Value: 67 Indicates a SID that matches a medium level of trust label. |
WinHighLabelSid Value: 68 Indicates a SID that matches a high level of trust label. |
WinSystemLabelSid Value: 69 Indicates a SID that matches a system label. |
WinWriteRestrictedCodeSid Value: 70 Indicates a SID that matches a write restricted code group. |
WinCreatorOwnerRightsSid Value: 71 Indicates a SID that matches a creator and owner rights group. |
WinCacheablePrincipalsGroupSid Value: 72 Indicates a SID that matches a cacheable principals group. |
WinNonCacheablePrincipalsGroupSid Value: 73 Indicates a SID that matches a non-cacheable principals group. |
WinEnterpriseReadonlyControllersSid Value: 74 Indicates a SID that matches an enterprise wide read-only controllers group. |
WinAccountReadonlyControllersSid Value: 75 Indicates a SID that matches an account read-only controllers group. |
WinBuiltinEventLogReadersGroup Value: 76 Indicates a SID that matches an event log readers group. |
WinNewEnterpriseReadonlyControllersSid Value: 77 Indicates a SID that matches a read-only enterprise domain controller. |
WinBuiltinCertSvcDComAccessGroup Value: 78 Indicates a SID that matches the built-in DCOM certification services access group. |
WinMediumPlusLabelSid Value: 79 Indicates a SID that matches the medium plus integrity label. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinLocalLogonSid Value: 80 Indicates a SID that matches a local logon group. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinConsoleLogonSid Value: 81 Indicates a SID that matches a console logon group. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinThisOrganizationCertificateSid Value: 82 Indicates a SID that matches a certificate for the given organization. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinApplicationPackageAuthoritySid Value: 83 Indicates a SID that matches the application package authority. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinBuiltinAnyPackageSid Value: 84 Indicates a SID that applies to all app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityInternetClientSid Value: 85 Indicates a SID of Internet client capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityInternetClientServerSid Value: 86 Indicates a SID of Internet client and server capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityPrivateNetworkClientServerSid Value: 87 Indicates a SID of private network client and server capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityPicturesLibrarySid Value: 88 Indicates a SID for pictures library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityVideosLibrarySid Value: 89 Indicates a SID for videos library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityMusicLibrarySid Value: 90 Indicates a SID for music library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityDocumentsLibrarySid Value: 91 Indicates a SID for documents library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilitySharedUserCertificatesSid Value: 92 Indicates a SID for shared user certificates capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityEnterpriseAuthenticationSid Value: 93 Indicates a SID for Windows credentials capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityRemovableStorageSid Value: 94 Indicates a SID for removable storage capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinBuiltinRDSRemoteAccessServersSid Value: 95 |
WinBuiltinRDSEndpointServersSid Value: 96 |
WinBuiltinRDSManagementServersSid Value: 97 |
WinUserModeDriversSid Value: 98 |
WinBuiltinHyperVAdminsSid Value: 99 |
WinAccountCloneableControllersSid Value: 100 |
WinBuiltinAccessControlAssistanceOperatorsSid Value: 101 |
WinBuiltinRemoteManagementUsersSid Value: 102 |
WinAuthenticationAuthorityAssertedSid Value: 103 |
WinAuthenticationServiceAssertedSid Value: 104 |
WinLocalAccountSid Value: 105 |
WinLocalAccountAndAdministratorSid Value: 106 |
WinAccountProtectedUsersSid Value: 107 |
WinCapabilityAppointmentsSid Value: 108 |
WinCapabilityContactsSid Value: 109 |
WinAccountDefaultSystemManagedSid Value: 110 |
WinBuiltinDefaultSystemManagedGroupSid Value: 111 |
WinBuiltinStorageReplicaAdminsSid Value: 112 |
WinAccountKeyAdminsSid Value: 113 |
WinAccountEnterpriseKeyAdminsSid Value: 114 |
WinAuthenticationKeyTrustSid Value: 115 |
WinAuthenticationKeyPropertyMFASid Value: 116 |
WinAuthenticationKeyPropertyAttestationSid Value: 117 |
WinAuthenticationFreshKeyAuthSid Value: 118 |
WinBuiltinDeviceOwnersSid Value: 119 |
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows XP [desktop apps only] |
Minimum supported server | Windows Server 2003 [desktop apps only] |
Header | winnt.h (include Windows.h) |