by Michael S. Kaplan, published on 2008/06/24 10:01 -04:00, original URI: http://blogs.msdn.com/b/michkap/archive/2008/06/24/8639579.aspx
Here is thst big list of well-known SIDs, the bulk of which are localizable and a significant number of which are localized.
Note that not all of them are necessarily going to be useful for your program, or even for any program.
But with knowledge comes power, so enjoy the list for its own sake. :-)
| S-1-0 | Null Authority | An identifier authority. |
| S-1-0-0 | Nobody | No security principal. |
| S-1-1 | World Authority | An identifier authority. |
| S-1-1-0 | Everyone | A group that includes all users, even anonymous users and guests. Membership is controlled by the operating system. Note By default, the Everyone group no longer includes anonymous users on a computer that is running Windows XP Service Pack 2 (SP2). |
| S-1-2 | Local Authority | An identifier authority. |
| S-1-3 | Creator Authority | An identifier authority. |
| S-1-3-0 | Creator Owner | A placeholder in an inheritable access control entry (ACE). When the ACE is inherited, the system replaces this SID with the SID for the object's creator. |
| S-1-3-1 | Creator Group | A placeholder in an inheritable ACE. When the ACE is inherited, the system replaces this SID with the SID for the primary group of the object's creator. The primary group is used only by the POSIX subsystem. |
| S-1-3-2 | Creator Owner Server | This SID is not used in Windows 2000. |
| S-1-3-3 | Creator Group Server | This SID is not used in Windows 2000. |
| S-1-4 | Non-unique Authority | An identifier authority. |
| S-1-5 | NT Authority | An identifier authority. |
| S-1-5-1 | Dialup | A group that includes all users who have logged on through a dial-up connection. Membership is controlled by the operating system. |
| S-1-5-2 | Network | A group that includes all users that have logged on through a network connection. Membership is controlled by the operating system. |
| S-1-5-3 | Batch | A group that includes all users that have logged on through a batch queue facility. Membership is controlled by the operating system. |
| S-1-5-4 | Interactive | A group that includes all users that have logged on interactively. Membership is controlled by the operating system. |
| S-1-5-5-X-Y | Logon Session | A logon session. The X and Y values for these SIDs are different for each session. |
| S-1-5-6 | Service | A group that includes all security principals that have logged on as a service. Membership is controlled by the operating system. |
| S-1-5-7 | Anonymous | A group that includes all users that have logged on anonymously. Membership is controlled by the operating system. |
| S-1-5-8 | Proxy | This SID is not used in Windows 2000. |
| S-1-5-9 | Enterprise Domain Controllers | A group that includes all domain controllers in a forest that uses an Active Directory directory service. Membership is controlled by the operating system. |
| S-1-5-10 | Principal Self | A placeholder in an inheritable ACE on an account object or group object in Active Directory. When the ACE is inherited, the system replaces this SID with the SID for the security principal who holds the account. |
| S-1-5-11 | Authenticated Users | A group that includes all users whose identities were authenticated when they logged on. Membership is controlled by the operating system. |
| S-1-5-12 | Restricted Code | This SID is reserved for future use. |
| S-1-5-13 | Terminal Server Users | A group that includes all users that have logged on to a Terminal Services server. Membership is controlled by the operating system. |
| S-1-5-18 | Local System | A service account that is used by the operating system. |
| S-1-5-19 | Local Service | Local Service |
| S-1-5-20 | Network Service | Network Service |
All of these are greate for those LookupAccountSid calls that solve problems previously discussed....
This blog brought to you by 🀫 (U+1f02b, aka MAHJONG TILE BACK)
John Cowan on 24 Jun 2008 3:22 PM:
Here's an analogue from Elsewhere:
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:8:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:12:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
dhcp:x:101:101::/nonexistent:/bin/false
syslog:x:102:102::/home/syslog:/bin/false
klog:x:103:103::/home/klog:/bin/false
cupsys:x:100:106::/home/cupsys:/bin/false
messagebus:x:104:107::/var/run/dbus:/bin/false
haldaemon:x:108:108:Hardware abstraction layer,,,:/var/run/hal:/bin/false
hplip:x:105:7:HPLIP system user,,,:/var/run/hplip:/bin/false
gdm:x:106:111:Gnome Display Manager:/var/lib/gdm:/bin/false
The first number is a user number and the second a group number; then comes a user name, a home directory, and a default shell. The "x" used to be the password field and is now a spacer.