2.4.1 SID_IDENTIFIER_AUTHORITY

The SID_IDENTIFIER_AUTHORITY structure represents the top-level authority of a security identifier (SID).


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

Value

...

Value (6 bytes): An array of six 8-bit unsigned integers that specify the top-level authority of a SID, RPC_SID, and LSAPR_SID_INFORMATION.

The identifier authority value identifies the domain security authority that issued the SID. The following identifier authorities are predefined for wire traffic.

Identifier Authority

Meaning

NULL_SID_AUTHORITY

{0x00, 0x00, 0x00, 0x00, 0x00, 0x00}

Specifies the NULL SID authority. It defines only the NULL well-known-SID: S-1-0-0.

WORLD_SID_AUTHORITY

{0x00, 0x00, 0x00, 0x00, 0x00, 0x01}

Specifies the World SID authority. It only defines the Everyone well-known-SID: S-1-1-0.

LOCAL_SID_AUTHORITY

{0x00, 0x00, 0x00, 0x00, 0x00, 0x02}

Specifies the Local SID authority. It defines only the Local well-known-SID: S-1-2-0.

CREATOR_SID_AUTHORITY

{0x00, 0x00, 0x00, 0x00, 0x00, 0x03}

Specifies the Creator SID authority. It defines the Creator Owner, Creator Group, and Creator Owner Server well-known-SIDs: S-1-3-0, S-1-3-1, and S-1-3-2. These SIDs are used as placeholders in an access control list (ACL) and are replaced by the user, group, and machine SIDs of the security principal.

NON_UNIQUE_AUTHORITY

{0x00, 0x00, 0x00, 0x00, 0x00, 0x04}

Not used.

SECURITY_NT_AUTHORITY

{0x00, 0x00, 0x00, 0x00, 0x00, 0x05}

Specifies the Windows NT operating system security subsystem SID authority. It defines all other SIDs in the forest.

SECURITY_APP_PACKAGE_AUTHORITY

{0x00, 0x00, 0x00, 0x00, 0x00, 0x0F}

Specifies the application package authority. It defines application capability SIDs.

SECURITY_MANDATORY_LABEL_AUTHORITY

{0x00, 0x00, 0x00, 0x00, 0x00, 0x10}

Specifies the Mandatory label authority. It defines the integrity level SIDs.

SECURITY_SCOPED_POLICY_ID_AUTHORITY

{0x00, 0x00, 0x00, 0x00, 0x00, 0x11}

Specifies the Scoped Policy Authority. It defines all other scoped policy SIDs in the forest.<5>

SECURITY_AUTHENTICATION_AUTHORITY

{0x00, 0x00, 0x00, 0x00, 0x00, 0x12}

Specifies the authentication authority asserting the client’s identity. It defines only the following well-known SIDs: S-1-18-1, and S-1-18-2.<6>