6.1.1.4.12 Builtin Container
In AD DS, each domain NC contains this container. Its children are described later in this section. This container is not present in AD LDS.
name: Builtin
parent: domain NC root
systemFlags: {FLAG_DISALLOW_DELETE | FLAG_DOMAIN_DISALLOW_RENAME | FLAG_DOMAIN_DISALLOW_MOVE}
The children of the Builtin container are well-known security principals from the built-in domain.
Each child of the Builtin container is a group with the following attributes:
parent: Builtin container
objectClass: group
objectSid: The domain portion is the built-in domain SID (S-1-5-32). The RID portion is specified per object in the following subsections. For instance, the Account Operators RID is 548, so the Account Operators objectSid is S-1-5-32-548.
systemFlags: {FLAG_DISALLOW_DELETE | FLAG_DOMAIN_DISALLOW_RENAME | FLAG_DOMAIN_DISALLOW_MOVE}
groupType: {GROUP_TYPE_BUILTIN_LOCAL_GROUP | GROUP_TYPE_RESOURCE_GROUP | GROUP_TYPE_SECURITY_ENABLED}
Unless otherwise noted in the following subsections, the initial membership of each group is empty. After initialization, the administrator controls the membership of each group.