link334

SID creation

In Windows, what constitutes a SID?

For clarity, I understand the OS creates a SID for a security principal (computer, user or group), and the SID created is a unique number. However, in my ignorance, is this number unique to each item or rather unique to the type of item? (E.g. Computer (regardless of type = 100), user (regardless of name = 200) and group: admin = 500, domain admin = 501, users = 101, Everyone = 201.)

The reason I ask for further understanding: is a SID unique to resources and users like Social Security numbers are, i.e. no two users, groups or computers will have the same SID?

Thanks!
oBdA

Most of the SIDs are indeed unique; some are equal for all systems:
Well-known security identifiers in Windows operating systems
http://support.microsoft.com/?kbid=243330
link334

ASKER

Tolomir,

Does the OS natively and automatically create a "unique" SID for the user or does one have to use the "Newsid" program to accomplish this?
Maybe you could provide us with some more information on why you need this SID information. The cloning rollout was a wild guess from me, so not complete. oBdA is right with the details.

Tolomir
link334

ASKER

Thank you each for your VALUABLE input.

This is self study for a deeper understanding of how the SID is generated and its implications on the OS and resources. What extra you both have shown me is that it can potentially cause problems (duplication) that were unknown to me, as well as utilities to correct/prevent this. After reading the links provided, I did not realize the DC was responsible for the SID creation in a domain, nor the logic for each SID in that domain.

You both are talented!

That SID identifier is giving a lot of users a "severe" headache: they used the Windows encrypted filesystem (EFS) on some files, deleted those accounts / reinstalled Windows by chance, and are then trying to regain access to those now finally sealed documents.

Even if you create an account with the same name after a reinstallation, the SID is different, so you have no chance to recover those files.

Just check http://search.experts-exchange.com/search.jsp?query=EFS+recovery&searchType=all&Submit.x=0&Submit.y=0 as reference.

Tolomir
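
Added example, not part of the original thread: a small Python parser that splits a SID string into its components and shows both points made above, that some SIDs are identical on every system while account SIDs carry a per-installation or per-domain issuer identifier, so the same account recreated after a reinstall gets a different SID. The function names and the two sample SIDs are constructed for illustration.

```python
import re

# Universal well-known SIDs: the same string on every Windows system.
WELL_KNOWN_SIDS = {
    "S-1-1-0": "Everyone",
    "S-1-5-18": "Local System",
    "S-1-5-32-544": "BUILTIN\\Administrators",
    "S-1-5-32-545": "BUILTIN\\Users",
}
# Well-known relative IDs (RIDs): a fixed last component appended to an
# issuer identifier that differs per installation or domain.
WELL_KNOWN_RIDS = {500: "Administrator", 501: "Guest",
                   512: "Domain Admins", 513: "Domain Users"}

SID_RE = re.compile(r"^S-(\d+)-(\d+)((?:-\d+)+)$")

# Constructed sample values: the same account RID issued by two installations.
OLD_INSTALL = "S-1-5-21-1000000001-2000000002-3000000003-1001"
NEW_INSTALL = "S-1-5-21-1000000009-2000000008-3000000007-1001"


def parse_sid(sid):
    """Split a SID string into (revision, authority, [sub-authorities])."""
    m = SID_RE.match(sid.strip().upper())
    if not m:
        raise ValueError(f"not a SID string: {sid!r}")
    subs = [int(x) for x in m.group(3)[1:].split("-")]
    if len(subs) > 15 or any(s > 0xFFFFFFFF for s in subs):
        raise ValueError(f"sub-authority out of range: {sid!r}")
    return int(m.group(1)), int(m.group(2)), subs


def describe_sid(sid):
    """Return (scope, issuer, rid, well_known_name) for a SID string."""
    _, authority, subs = parse_sid(sid)
    name = WELL_KNOWN_SIDS.get(sid.strip().upper())
    if name:
        return ("universal", None, subs[-1], name)
    # S-1-5-21-<a>-<b>-<c>-<rid>: account issued by one machine or domain.
    if authority == 5 and subs[0] == 21 and len(subs) == 5:
        issuer = "-".join(map(str, subs[1:4]))
        return ("issued", issuer, subs[4], WELL_KNOWN_RIDS.get(subs[4]))
    return ("other", None, subs[-1], None)


if __name__ == "__main__":
    for s in ("S-1-1-0", OLD_INSTALL, NEW_INSTALL):
        print(s, describe_sid(s))
```

The two sample account SIDs share RID 1001 but have different issuer parts, so Windows treats them as different principals even if the account name is the same.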
link334

ASKER

Awesome stuff. Thanks for the help and direction.

LP