2.4.1 SID_IDENTIFIER_AUTHORITY
The SID_IDENTIFIER_AUTHORITY structure represents the top-level authority of a security identifier (SID).
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Value |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
Value (6 bytes): An array of six 8-bit unsigned integers that specify the top-level authority of a SID, RPC_SID, and LSAPR_SID_INFORMATION.
-
The identifier authority value identifies the domain security authority that issued the SID. The following identifier authorities are predefined for wire traffic.
-
Identifier Authority
Meaning
NULL_SID_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
Specifies the NULL SID authority. It defines only the NULL well-known-SID: S-1-0-0.
WORLD_SID_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x01}
Specifies the World SID authority. It only defines the Everyone well-known-SID: S-1-1-0.
LOCAL_SID_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x02}
Specifies the Local SID authority. It defines only the Local well-known-SID: S-1-2-0.
CREATOR_SID_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x03}
Specifies the Creator SID authority. It defines the Creator Owner, Creator Group, and Creator Owner Server well-known-SIDs: S-1-3-0, S-1-3-1, and S-1-3-2. These SIDs are used as placeholders in an access control list (ACL) and are replaced by the user, group, and machine SIDs of the security principal.
NON_UNIQUE_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x04}
Not used.
SECURITY_NT_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x05}
Specifies the Windows NT operating system security subsystem SID authority. It defines all other SIDs in the forest.
SECURITY_APP_PACKAGE_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x0F}
Specifies the application package authority. It defines application capability SIDs.
SECURITY_MANDATORY_LABEL_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x10}
Specifies the Mandatory label authority. It defines the integrity level SIDs.
SECURITY_SCOPED_POLICY_ID_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x11}
Specifies the Scoped Policy Authority. It defines all other scoped policy SIDs in the forest.<5>
SECURITY_AUTHENTICATION_AUTHORITY
{0x00, 0x00, 0x00, 0x00, 0x00, 0x12}
Specifies the authentication authority asserting the client’s identity. It defines only the following well-known SIDs: S-1-18-1, and S-1-18-2.<6>