3.1.1.1.1 Predefined Translation Database and Corresponding View
The Predefined Translation View MUST be constructed using the following non-customizable Predefined Translation Tables. There is a one-to-one mapping between the rows in the view and the rows in the tables. The columns that are not mentioned in these tables are empty. The tables are grouped by the Domain NetBIOS Name and Domain SID columns for easier understanding.
Values of the Domain NetBIOS Name and Security Principal Name columns are shown in U.S. English. In an actual system, these values MUST be localized to the language defined as system locale at the time of message processing.
Domain NetBIOS Name: "" (empty domain name)
Domain SID: S-1-0
|
Security Principal Name |
Security Principal SID |
Security Principal Type |
|---|---|---|
|
Null Sid |
S-1-0-0 |
SidTypeWellKnownGroup |
Domain NetBIOS Name: "" (empty domain name)
Domain SID: S-1-1
|
Security Principal Name |
Security Principal SID |
Security Principal Type |
|---|---|---|
|
Everyone |
S-1-1-0 |
SidTypeWellKnownGroup |
Domain NetBIOS Name: "" (empty domain name)
Domain SID: S-1-2
|
Security Principal Name |
Security Principal SID |
Security Principal Type |
|---|---|---|
|
Local |
S-1-2-0 |
SidTypeWellKnownGroup |
Domain NetBIOS Name: "" (empty domain name)
Domain SID: S-1-3
|
Security Principal Name |
Security Principal SID |
Security Principal Type |
|---|---|---|
|
Creator Owner |
S-1-3-0 |
SidTypeWellKnownGroup |
|
Creator Group |
S-1-3-1 |
SidTypeWellKnownGroup |
|
Creator Owner Server |
S-1-3-2 |
SidTypeWellKnownGroup |
|
Creator Group Server |
S-1-3-3 |
SidTypeWellKnownGroup |
|
Owner Rights |
S-1-3-4 |
SidTypeWellKnownGroup |
Domain NetBIOS Name: NT Pseudo Domain
Domain SID: S-1-5
|
Security Principal Name |
Security Principal SID |
Security Principal Type |
|---|---|---|
|
NT Pseudo Domain |
S-1-5 |
SidTypeDomain |
Domain NetBIOS Name: NT Authority
Domain SID: S-1-5
|
Security Principal Name |
Security Principal SID |
Security Principal Type |
|---|---|---|
|
Dialup |
S-1-5-1 |
SidTypeWellKnownGroup |
|
Network |
S-1-5-2 |
SidTypeWellKnownGroup |
|
Batch |
S-1-5-3 |
SidTypeWellKnownGroup |
|
Interactive |
S-1-5-4 |
SidTypeWellKnownGroup |
|
Service |
S-1-5-6 |
SidTypeWellKnownGroup |
|
Anonymous Logon |
S-1-5-7 |
SidTypeWellKnownGroup |
|
Proxy |
S-1-5-8 |
SidTypeWellKnownGroup |
|
Enterprise Domain Controllers |
S-1-5-9 |
SidTypeWellKnownGroup |
|
Self |
S-1-5-10 |
SidTypeWellKnownGroup |
|
Authenticated Users |
S-1-5-11 |
SidTypeWellKnownGroup |
|
Restricted |
S-1-5-12 |
SidTypeWellKnownGroup |
|
Terminal Server User |
S-1-5-13 |
SidTypeWellKnownGroup |
|
Remote Interactive Logon |
S-1-5-14 |
SidTypeWellKnownGroup |
|
This Organization |
S-1-5-15 |
SidTypeWellKnownGroup |
|
System |
S-1-5-18 |
SidTypeWellKnownGroup |
|
Local Service |
S-1-5-19 |
SidTypeWellKnownGroup |
|
Network Service |
S-1-5-20 |
SidTypeWellKnownGroup |
|
Write Restricted |
S-1-5-33 |
SidTypeWellKnownGroup |
|
Other Organization |
S-1-5-1000 |
SidTypeWellKnownGroup |
For Windows behavior on the preceding entries, see the following citation.<18>
Domain NetBIOS Name: Builtin
Domain SID: S-1-5-32
|
Security Principal Name |
Security Principal SID |
Security Principal Type |
|---|---|---|
|
Builtin |
S-1-5-32 |
SidTypeDomain |
Domain NetBIOS Name: Internet$
Domain SID: S-1-7
|
Security Principal Name |
Security Principal SID |
Security Principal Type |
|---|---|---|
|
Internet$ |
S-1-7 |
SidTypeDomain |
Domain NetBIOS Name: NT Authority
Domain SID: S-1-5-64
|
Security Principal Name |
Security Principal SID |
Security Principal Type |
|---|---|---|
|
NTLM Authentication |
S-1-5-64-10 |
SidTypeWellKnownGroup |
|
Digest Authentication |
S-1-5-64-21 |
SidTypeWellKnownGroup |
|
Channel Authentication |
S-1-5-64-14 |
SidTypeWellKnownGroup |
For Windows behavior on the preceding entries, see the following citation.<19>
Domain NetBIOS Name: Mandatory Label
Domain SID: S-1-16
|
Security Principal Name |
Security Principal SID |
Security Principal Type |
|---|---|---|
|
Mandatory Label |
S-1-16 |
SidTypeDomain |
|
Untrusted Mandatory Level |
S-1-16-0 |
SidTypeLabel |
|
Low Mandatory Level |
S-1-16-4096 |
SidTypeLabel |
|
Medium Mandatory Level |
S-1-16-8192 |
SidTypeLabel |
|
High Mandatory Level |
S-1-16-12288 |
SidTypeLabel |
|
System Mandatory Level |
S-1-16-16384 |
SidTypeLabel |
|
Protected Process Mandatory Level |
S-1-16-20480 |
SidTypeLabel |
For Windows behavior on the preceding entries, see the following citation.<20>