WELL_KNOWN_SID_TYPE enumeration (winnt.h)
The WELL_KNOWN_SID_TYPE enumeration is a list of commonly used security identifiers (SIDs). Programs can pass these values to the CreateWellKnownSid function to create a SID from this list.
Syntax
typedef enum {
WinNullSid = 0,
WinWorldSid = 1,
WinLocalSid = 2,
WinCreatorOwnerSid = 3,
WinCreatorGroupSid = 4,
WinCreatorOwnerServerSid = 5,
WinCreatorGroupServerSid = 6,
WinNtAuthoritySid = 7,
WinDialupSid = 8,
WinNetworkSid = 9,
WinBatchSid = 10,
WinInteractiveSid = 11,
WinServiceSid = 12,
WinAnonymousSid = 13,
WinProxySid = 14,
WinEnterpriseControllersSid = 15,
WinSelfSid = 16,
WinAuthenticatedUserSid = 17,
WinRestrictedCodeSid = 18,
WinTerminalServerSid = 19,
WinRemoteLogonIdSid = 20,
WinLogonIdsSid = 21,
WinLocalSystemSid = 22,
WinLocalServiceSid = 23,
WinNetworkServiceSid = 24,
WinBuiltinDomainSid = 25,
WinBuiltinAdministratorsSid = 26,
WinBuiltinUsersSid = 27,
WinBuiltinGuestsSid = 28,
WinBuiltinPowerUsersSid = 29,
WinBuiltinAccountOperatorsSid = 30,
WinBuiltinSystemOperatorsSid = 31,
WinBuiltinPrintOperatorsSid = 32,
WinBuiltinBackupOperatorsSid = 33,
WinBuiltinReplicatorSid = 34,
WinBuiltinPreWindows2000CompatibleAccessSid = 35,
WinBuiltinRemoteDesktopUsersSid = 36,
WinBuiltinNetworkConfigurationOperatorsSid = 37,
WinAccountAdministratorSid = 38,
WinAccountGuestSid = 39,
WinAccountKrbtgtSid = 40,
WinAccountDomainAdminsSid = 41,
WinAccountDomainUsersSid = 42,
WinAccountDomainGuestsSid = 43,
WinAccountComputersSid = 44,
WinAccountControllersSid = 45,
WinAccountCertAdminsSid = 46,
WinAccountSchemaAdminsSid = 47,
WinAccountEnterpriseAdminsSid = 48,
WinAccountPolicyAdminsSid = 49,
WinAccountRasAndIasServersSid = 50,
WinNTLMAuthenticationSid = 51,
WinDigestAuthenticationSid = 52,
WinSChannelAuthenticationSid = 53,
WinThisOrganizationSid = 54,
WinOtherOrganizationSid = 55,
WinBuiltinIncomingForestTrustBuildersSid = 56,
WinBuiltinPerfMonitoringUsersSid = 57,
WinBuiltinPerfLoggingUsersSid = 58,
WinBuiltinAuthorizationAccessSid = 59,
WinBuiltinTerminalServerLicenseServersSid = 60,
WinBuiltinDCOMUsersSid = 61,
WinBuiltinIUsersSid = 62,
WinIUserSid = 63,
WinBuiltinCryptoOperatorsSid = 64,
WinUntrustedLabelSid = 65,
WinLowLabelSid = 66,
WinMediumLabelSid = 67,
WinHighLabelSid = 68,
WinSystemLabelSid = 69,
WinWriteRestrictedCodeSid = 70,
WinCreatorOwnerRightsSid = 71,
WinCacheablePrincipalsGroupSid = 72,
WinNonCacheablePrincipalsGroupSid = 73,
WinEnterpriseReadonlyControllersSid = 74,
WinAccountReadonlyControllersSid = 75,
WinBuiltinEventLogReadersGroup = 76,
WinNewEnterpriseReadonlyControllersSid = 77,
WinBuiltinCertSvcDComAccessGroup = 78,
WinMediumPlusLabelSid = 79,
WinLocalLogonSid = 80,
WinConsoleLogonSid = 81,
WinThisOrganizationCertificateSid = 82,
WinApplicationPackageAuthoritySid = 83,
WinBuiltinAnyPackageSid = 84,
WinCapabilityInternetClientSid = 85,
WinCapabilityInternetClientServerSid = 86,
WinCapabilityPrivateNetworkClientServerSid = 87,
WinCapabilityPicturesLibrarySid = 88,
WinCapabilityVideosLibrarySid = 89,
WinCapabilityMusicLibrarySid = 90,
WinCapabilityDocumentsLibrarySid = 91,
WinCapabilitySharedUserCertificatesSid = 92,
WinCapabilityEnterpriseAuthenticationSid = 93,
WinCapabilityRemovableStorageSid = 94,
WinBuiltinRDSRemoteAccessServersSid = 95,
WinBuiltinRDSEndpointServersSid = 96,
WinBuiltinRDSManagementServersSid = 97,
WinUserModeDriversSid = 98,
WinBuiltinHyperVAdminsSid = 99,
WinAccountCloneableControllersSid = 100,
WinBuiltinAccessControlAssistanceOperatorsSid = 101,
WinBuiltinRemoteManagementUsersSid = 102,
WinAuthenticationAuthorityAssertedSid = 103,
WinAuthenticationServiceAssertedSid = 104,
WinLocalAccountSid = 105,
WinLocalAccountAndAdministratorSid = 106,
WinAccountProtectedUsersSid = 107,
WinCapabilityAppointmentsSid = 108,
WinCapabilityContactsSid = 109,
WinAccountDefaultSystemManagedSid = 110,
WinBuiltinDefaultSystemManagedGroupSid = 111,
WinBuiltinStorageReplicaAdminsSid = 112,
WinAccountKeyAdminsSid = 113,
WinAccountEnterpriseKeyAdminsSid = 114,
WinAuthenticationKeyTrustSid = 115,
WinAuthenticationKeyPropertyMFASid = 116,
WinAuthenticationKeyPropertyAttestationSid = 117,
WinAuthenticationFreshKeyAuthSid = 118,
WinBuiltinDeviceOwnersSid = 119,
WinBuiltinUserModeHardwareOperatorsSid,
WinBuiltinOpenSSHUsersSid
} WELL_KNOWN_SID_TYPE;
Constants
WinNullSidValue: 0 Indicates a null SID. |
WinWorldSidValue: 1 Indicates a SID that matches everyone. |
WinLocalSidValue: 2 Indicates a local SID. |
WinCreatorOwnerSidValue: 3 Indicates a SID that matches the owner or creator of an object. |
WinCreatorGroupSidValue: 4 Indicates a SID that matches the creator group of an object. |
WinCreatorOwnerServerSidValue: 5 Indicates a creator owner server SID. |
WinCreatorGroupServerSidValue: 6 Indicates a creator group server SID. |
WinNtAuthoritySidValue: 7 Indicates a SID for the Windows NT authority account. |
WinDialupSidValue: 8 Indicates a SID for a dial-up account. |
WinNetworkSidValue: 9 Indicates a SID for a network account. This SID is added to the process of a token when it logs on across a network. The corresponding logon type is LOGON32_LOGON_NETWORK. |
WinBatchSidValue: 10 Indicates a SID for a batch process. This SID is added to the process of a token when it logs on as a batch job. The corresponding logon type is LOGON32_LOGON_BATCH. |
WinInteractiveSidValue: 11 Indicates a SID for an interactive account. This SID is added to the process of a token when it logs on interactively. The corresponding logon type is LOGON32_LOGON_INTERACTIVE. |
WinServiceSidValue: 12 Indicates a SID for a service. This SID is added to the process of a token when it logs on as a service. The corresponding logon type is LOGON32_LOGON_SERVICE. |
WinAnonymousSidValue: 13 Indicates a SID for the anonymous account. |
WinProxySidValue: 14 Indicates a proxy SID. |
WinEnterpriseControllersSidValue: 15 Indicates a SID for an enterprise controller. |
WinSelfSidValue: 16 Indicates a SID for self. |
WinAuthenticatedUserSidValue: 17 Indicates a SID that matches any authenticated user. |
WinRestrictedCodeSidValue: 18 Indicates a SID for restricted code. |
WinTerminalServerSidValue: 19 Indicates a SID that matches a terminal server account. |
WinRemoteLogonIdSidValue: 20 Indicates a SID that matches remote logons. |
WinLogonIdsSidValue: 21 Indicates a SID that matches logon IDs. |
WinLocalSystemSidValue: 22 Indicates a SID that matches the local system. |
WinLocalServiceSidValue: 23 Indicates a SID that matches a local service. |
WinNetworkServiceSidValue: 24 Indicates a SID that matches a network service. |
WinBuiltinDomainSidValue: 25 Indicates a SID that matches the domain account. |
WinBuiltinAdministratorsSidValue: 26 Indicates a SID that matches the administrator group. |
WinBuiltinUsersSidValue: 27 Indicates a SID that matches built-in user accounts. |
WinBuiltinGuestsSidValue: 28 Indicates a SID that matches the guest account. |
WinBuiltinPowerUsersSidValue: 29 Indicates a SID that matches the power users group. |
WinBuiltinAccountOperatorsSidValue: 30 Indicates a SID that matches the account operators account. |
WinBuiltinSystemOperatorsSidValue: 31 Indicates a SID that matches the system operators group. |
WinBuiltinPrintOperatorsSidValue: 32 Indicates a SID that matches the print operators group. |
WinBuiltinBackupOperatorsSidValue: 33 Indicates a SID that matches the backup operators group. |
WinBuiltinReplicatorSidValue: 34 Indicates a SID that matches the replicator account. |
WinBuiltinPreWindows2000CompatibleAccessSidValue: 35 Indicates a SID that matches pre-Windows 2000 compatible accounts. |
WinBuiltinRemoteDesktopUsersSidValue: 36 Indicates a SID that matches remote desktop users. |
WinBuiltinNetworkConfigurationOperatorsSidValue: 37 Indicates a SID that matches the network operators group. |
WinAccountAdministratorSidValue: 38 Indicates a SID that matches the account administrator's account. |
WinAccountGuestSidValue: 39 Indicates a SID that matches the account guest group. |
WinAccountKrbtgtSidValue: 40 Indicates a SID that matches account Kerberos target group. |
WinAccountDomainAdminsSidValue: 41 Indicates a SID that matches the account domain administrator group. |
WinAccountDomainUsersSidValue: 42 Indicates a SID that matches the account domain users group. |
WinAccountDomainGuestsSidValue: 43 Indicates a SID that matches the account domain guests group. |
WinAccountComputersSidValue: 44 Indicates a SID that matches the account computer group. |
WinAccountControllersSidValue: 45 Indicates a SID that matches the account controller group. |
WinAccountCertAdminsSidValue: 46 Indicates a SID that matches the certificate administrators group. |
WinAccountSchemaAdminsSidValue: 47 Indicates a SID that matches the schema administrators group. |
WinAccountEnterpriseAdminsSidValue: 48 Indicates a SID that matches the enterprise administrators group. |
WinAccountPolicyAdminsSidValue: 49 Indicates a SID that matches the policy administrators group. |
WinAccountRasAndIasServersSidValue: 50 Indicates a SID that matches the RAS and IAS server account. |
WinNTLMAuthenticationSidValue: 51 Indicates a SID present when the Microsoft NTLM authentication package authenticated the client. |
WinDigestAuthenticationSidValue: 52 Indicates a SID present when the Microsoft Digest authentication package authenticated the client. |
WinSChannelAuthenticationSidValue: 53 Indicates a SID present when the Secure Channel (SSL/TLS) authentication package authenticated the client. |
WinThisOrganizationSidValue: 54 Indicates a SID present when the user authenticated from within the forest or across a trust that does not have the selective authentication option enabled. If this SID is present, then WinOtherOrganizationSid cannot be present. |
WinOtherOrganizationSidValue: 55 Indicates a SID present when the user authenticated across a forest with the selective authentication option enabled. If this SID is present, then WinThisOrganizationSid cannot be present. |
WinBuiltinIncomingForestTrustBuildersSidValue: 56 Indicates a SID that allows a user to create incoming forest trusts. It is added to the token of users who are a member of the Incoming Forest Trust Builders built-in group in the root domain of the forest. |
WinBuiltinPerfMonitoringUsersSidValue: 57 Indicates a SID that matches the performance monitor user group. |
WinBuiltinPerfLoggingUsersSidValue: 58 Indicates a SID that matches the performance log user group. |
WinBuiltinAuthorizationAccessSidValue: 59 Indicates a SID that matches the Windows Authorization Access group. |
WinBuiltinTerminalServerLicenseServersSidValue: 60 Indicates a SID is present in a server that can issue terminal server licenses. |
WinBuiltinDCOMUsersSidValue: 61 Indicates a SID that matches the distributed COM user group. |
WinBuiltinIUsersSidValue: 62 Indicates a SID that matches the Internet built-in user group. |
WinIUserSidValue: 63 Indicates a SID that matches the Internet user group. |
WinBuiltinCryptoOperatorsSidValue: 64 Indicates a SID that allows a user to use cryptographic operations. It is added to the token of users who are a member of the CryptoOperators built-in group. |
WinUntrustedLabelSidValue: 65 Indicates a SID that matches an untrusted label. |
WinLowLabelSidValue: 66 Indicates a SID that matches a low level of trust label. |
WinMediumLabelSidValue: 67 Indicates a SID that matches a medium level of trust label. |
WinHighLabelSidValue: 68 Indicates a SID that matches a high level of trust label. |
WinSystemLabelSidValue: 69 Indicates a SID that matches a system label. |
WinWriteRestrictedCodeSidValue: 70 Indicates a SID that matches a write restricted code group. |
WinCreatorOwnerRightsSidValue: 71 Indicates a SID that matches a creator and owner rights group. |
WinCacheablePrincipalsGroupSidValue: 72 Indicates a SID that matches a cacheable principals group. |
WinNonCacheablePrincipalsGroupSidValue: 73 Indicates a SID that matches a non-cacheable principals group. |
WinEnterpriseReadonlyControllersSidValue: 74 Indicates a SID that matches an enterprise wide read-only controllers group. |
WinAccountReadonlyControllersSidValue: 75 Indicates a SID that matches an account read-only controllers group. |
WinBuiltinEventLogReadersGroupValue: 76 Indicates a SID that matches an event log readers group. |
WinNewEnterpriseReadonlyControllersSidValue: 77 Indicates a SID that matches a read-only enterprise domain controller. |
WinBuiltinCertSvcDComAccessGroupValue: 78 Indicates a SID that matches the built-in DCOM certification services access group. |
WinMediumPlusLabelSidValue: 79 Indicates a SID that matches the medium plus integrity label. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinLocalLogonSidValue: 80 Indicates a SID that matches a local logon group. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinConsoleLogonSidValue: 81 Indicates a SID that matches a console logon group. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinThisOrganizationCertificateSidValue: 82 Indicates a SID that matches a certificate for the given organization. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinApplicationPackageAuthoritySidValue: 83 Indicates a SID that matches the application package authority. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinBuiltinAnyPackageSidValue: 84 Indicates a SID that applies to all app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityInternetClientSidValue: 85 Indicates a SID of Internet client capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityInternetClientServerSidValue: 86 Indicates a SID of Internet client and server capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityPrivateNetworkClientServerSidValue: 87 Indicates a SID of private network client and server capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityPicturesLibrarySidValue: 88 Indicates a SID for pictures library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityVideosLibrarySidValue: 89 Indicates a SID for videos library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityMusicLibrarySidValue: 90 Indicates a SID for music library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityDocumentsLibrarySidValue: 91 Indicates a SID for documents library capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilitySharedUserCertificatesSidValue: 92 Indicates a SID for shared user certificates capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityEnterpriseAuthenticationSidValue: 93 Indicates a SID for Windows credentials capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinCapabilityRemovableStorageSidValue: 94 Indicates a SID for removable storage capability for app containers. Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: This value is not available. |
WinBuiltinRDSRemoteAccessServersSidValue: 95 |
WinBuiltinRDSEndpointServersSidValue: 96 |
WinBuiltinRDSManagementServersSidValue: 97 |
WinUserModeDriversSidValue: 98 |
WinBuiltinHyperVAdminsSidValue: 99 |
WinAccountCloneableControllersSidValue: 100 |
WinBuiltinAccessControlAssistanceOperatorsSidValue: 101 |
WinBuiltinRemoteManagementUsersSidValue: 102 |
WinAuthenticationAuthorityAssertedSidValue: 103 |
WinAuthenticationServiceAssertedSidValue: 104 |
WinLocalAccountSidValue: 105 |
WinLocalAccountAndAdministratorSidValue: 106 |
WinAccountProtectedUsersSidValue: 107 |
WinCapabilityAppointmentsSidValue: 108 |
WinCapabilityContactsSidValue: 109 |
WinAccountDefaultSystemManagedSidValue: 110 |
WinBuiltinDefaultSystemManagedGroupSidValue: 111 |
WinBuiltinStorageReplicaAdminsSidValue: 112 |
WinAccountKeyAdminsSidValue: 113 |
WinAccountEnterpriseKeyAdminsSidValue: 114 |
WinAuthenticationKeyTrustSidValue: 115 |
WinAuthenticationKeyPropertyMFASidValue: 116 |
WinAuthenticationKeyPropertyAttestationSidValue: 117 |
WinAuthenticationFreshKeyAuthSidValue: 118 |
WinBuiltinDeviceOwnersSidValue: 119 |
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows XP [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Header | winnt.h (include Windows.h) |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for