WellKnownSidType
Defines a set of commonly used security identifiers (SIDs).
Indicates a SID that matches the account administrators group.
AccountCertAdminsSid = 46
Indicates a SID that matches the certificate administrators group.
AccountComputersSid = 44
Indicates a SID that matches the account computer group.
Indicates a SID that matches the account controller group.
Indicates a SID that matches the account domain administrator group.
Indicates a SID that matches the account domain guests group.
Indicates a SID that matches the account domain users group.
Indicates a SID that matches the enterprise administrators group.
AccountGuestSid = 39
Indicates a SID that matches the account guest group.
AccountKrbtgtSid = 40
Indicates a SID that matches the account Kerberos target group.
Indicates a SID that matches the policy administrators group.
Indicates a SID that matches the RAS and IAS server account.
Indicates a SID that matches the schema administrators group.
AnonymousSid = 13
Indicates a SID for the anonymous account.
AuthenticatedUserSid = 17
Indicates a SID for an authenticated user.
BatchSid = 10
Indicates a SID for a batch process. This SID is added to the process of a token when it logs on as a batch job.
Indicates a SID that matches the account operators account.
Indicates a SID that matches the administrator account.
Indicates a SID that matches the Windows Authorization Access group.
Indicates a SID that matches the backup operators group.
BuiltinDomainSid = 25
Indicates a SID that matches the domain account.
BuiltinGuestsSid = 28
Indicates a SID that matches the guest account.
Indicates a SID that allows a user to create incoming forest trusts. It is added to the token of users who are a member of the Incoming Forest Trust Builders built-in group in the root domain of the forest.
Indicates a SID that matches the network operators group.
Indicates a SID that matches the group of users that have remote access to monitor the computer.
Indicates a SID that matches the group of users that have remote access to schedule logging of performance counters on this computer.
BuiltinPowerUsersSid = 29
Indicates a SID that matches the power users group.
Indicates a SID that matches pre-Windows 2000 compatible accounts.
Indicates a SID that matches the print operators group.
Indicates a SID that matches remote desktop users.
BuiltinReplicatorSid = 34
Indicates a SID that matches the replicator account.
Indicates a SID that matches the system operators group.
BuiltinUsersSid = 27
Indicates a SID that matches built-in user accounts.
Indicates a creator group server SID.
CreatorGroupSid = 4
Indicates a SID that matches the creator group of an object.
Indicates a creator owner server SID.
CreatorOwnerSid = 3
Indicates a SID that matches the owner or creator of an object.
DialupSid = 8
Indicates a SID for a dial-up account.
Indicates a SID present when the Microsoft Digest authentication package authenticated the client.
Indicates a SID for an enterprise controller.
InteractiveSid = 11
Indicates a SID for an interactive account. This SID is added to the process of a token when it logs on interactively.
LocalServiceSid = 23
Indicates a SID that matches a local service.
LocalSid = 2
Indicates a local SID.
LocalSystemSid = 22
Indicates a SID that matches the local system.
LogonIdsSid = 21
Indicates a SID that matches logon IDs.
MaxDefined = 60
Indicates the maximum defined SID in the WellKnownSidType enumeration.
NetworkServiceSid = 24
Indicates a SID that matches a network service.
NetworkSid = 9
Indicates a SID for a network account. This SID is added to the process of a token when it logs on across a network.
NTAuthoritySid = 7
Indicates a SID for the Windows NT authority.
Indicates a SID present when the Microsoft NTLM authentication package authenticated the client.
NullSid = 0
Indicates a null SID.
OtherOrganizationSid = 55
Indicates a SID present when the user authenticated across a forest with the selective authentication option enabled. If this SID is present, then ThisOrganizationSid cannot be present.
ProxySid = 14
Indicates a proxy SID.
RemoteLogonIdSid = 20
Indicates a SID that matches remote logons.
RestrictedCodeSid = 18
Indicates a SID for restricted code.
Indicates a SID present when the Secure Channel (SSL/TLS) authentication package authenticated the client.
SelfSid = 16
Indicates a SID for self.
ServiceSid = 12
Indicates a SID for a service. This SID is added to the process of a token when it logs on as a service.
TerminalServerSid = 19
Indicates a SID that matches a terminal server account.
ThisOrganizationSid = 54
Indicates a SID present when the user authenticated from within the forest or across a trust that does not have the selective authentication option enabled. If this SID is present, then OtherOrganizationSid cannot be present.
Indicates a SID that matches an account read-only controllers group.
Indicates a SID that matches the application package authority.
Indicates a SID that applies to all app containers.
Indicates a SID that matches the built-in DCOM certification services access group.
Indicates a SID that allows a user to use cryptographic operations. It is added to the token of users who are a member of the CryptoOperators built-in group.
Indicates a SID that matches the distributed COM user group.
Indicates a SID that matches an event log readers group.
WinBuiltinIUsersSid = 62
Indicates a SID that matches the Internet built-in user group.
Indicates a SID is present in a server that can issue Terminal Server licenses.
Indicates a SID that matches a cacheable principals group.
Indicates a SID for documents library capability for app containers.
Indicates a SID for Windows credentials capability for app containers.
Indicates a SID of Internet client and server capability for app containers.
Indicates a SID of Internet client capability for app containers.
Indicates a SID for music library capability for app containers.
Indicates a SID for pictures library capability for app containers.
Indicates a SID of private network client and server capability for app containers.
Indicates a SID for removable storage capability for app containers.
Indicates a SID for shared user certificates capability for app containers.
Indicates a SID for videos library capability for app containers.
WinConsoleLogonSid = 81
Indicates a SID that matches a console logon group.
Indicates a SID that matches a creator and owner rights group.
Indicates a SID that matches an enterprise wide read-only controllers group.
WinHighLabelSid = 68
Indicates a SID that matches a high level of trust label.
WinIUserSid = 63
Indicates a SID that matches the Internet user group.
WinLocalLogonSid = 80
Indicates a SID that matches a local logon group.
WinLowLabelSid = 66
Indicates a SID that matches an low level of trust label.
WinMediumLabelSid = 67
Indicates a SID that matches an medium level of trust label.
Indicates a SID that matches the medium plus integrity label.
Indicates a SID that matches a read-only enterprise domain controller.
Indicates a SID that matches a non-cacheable principals group.
WinSystemLabelSid = 69
Indicates a SID that matches a system label.
Indicates a SID that matches a certificate for the given organization.
WinUntrustedLabelSid = 65
Indicates a SID that matches an untrusted label.
Indicates a SID that matches a write restricted code group.
WorldSid = 1
Indicates a SID that matches everyone.