2.4.2.1 SID String Format Syntax

The SID string format syntax, a format commonly used for a string representation of the SID type (as specified in section 2.4.2), is described by the following ABNF syntax, as specified in [RFC5234].

 SID= "S-1-" IdentifierAuthority 1*SubAuthority
 IdentifierAuthority= IdentifierAuthorityDec / IdentifierAuthorityHex
   ; If the identifier authority is < 2^32, the
   ; identifier authority is represented as a decimal 
   ; number
   ; If the identifier authority is >= 2^32,
   ; the identifier authority is represented in 
   ; hexadecimal
 IdentifierAuthorityDec =  1*10DIGIT
   ; IdentifierAuthorityDec, top level authority of a 
   ; security identifier is represented as a decimal number
 IdentifierAuthorityHex = "0x" 12HEXDIG
   ; IdentifierAuthorityHex, the top-level authority of a
   ; security identifier is represented as a hexadecimal number
 SubAuthority= "-" 1*10DIGIT
   ; Sub-Authority is always represented as a decimal number 
   ; No leading "0" characters are allowed when IdentifierAuthority
   ; or SubAuthority is represented as a decimal number
   ; All hexadecimal digits must be output in string format,
   ; pre-pended by "0x"