Jump to content

Talk:Security Identifier

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

Good introduction

[edit]

I am extremely impressed by the intro sentence "in the context of..." very well written, I'd like to see this more often on Wikipedia. By specifying the context it helps disambiguate.

Discussion

[edit]

It occurs to me that I thought this was describing GUIDs, not SIDs. So, my point was quite invalid. —Preceding unsigned comment added by 198.147.40.60 (talk) 00:31, 22 December 2007 (UTC)[reply]

I think that describing the SID as an alphanumeric name is a poor choice of terminology. While, when presented as a hexadecimal string, the constituents of the name are either alphabetic or numeric, the term alphanumeric does not give a sense of those characters which could not be in the SID. I believe hexadecimal would be better here. Of course the SID is actually a 128-bit identifier, and not it's hexadecimal (and punctuated) presentation, but if it is to be described by it's presentation, surely hexadecimal is the term. —Preceding unsigned comment added by 198.147.40.60 (talk) 00:26, 22 December 2007 (UTC)[reply]

I think there is an error in the beginning of the article. Example SID in decimal representation (S-1-5-21-7623811015-3361044348-030300820-1013) contains 030300820 that starts from "0" can never be obtained by converting HEX to DEC (according to the algorithm). If it is possible to have leading "0", than described algorithm is wrong. —Preceding unsigned comment added by 194.126.117.170 (talk) 18:33, 21 January 2009 (UTC)[reply]

Is "A security principal has a single SID for life" strictly correct? For example, if the user is shifted to another domain, they will get a new SID (as the "Domain ID" forms part of the SID). — Preceding unsigned comment added by Stephen Holder (talkcontribs) 14:25, 17 September 2012 (UTC)[reply]

Machine SIDs

[edit]

The wikipedia article states:

"The machine SID is stored in the SECURITY registry hive located at SECURITY\SAM\Domains\Account, this key has two values F and V"

I was unable to verify this on Windows XP Pro SP2. I have not run NewSID.

--Hm2k (talk) 19:49, 26 May 2009 (UTC)[reply]

HKLM\SECURITY normally has an ACL that does not allow any normal account (not even Administrator) to examine it. You can change that ACL with regedit using right-click and Permissions. Jordan Brown (talk) 17:49, 11 August 2011 (UTC)[reply]

SID duplication article

[edit]

[1] 84.109.65.205 (talk) 09:22, 4 November 2009 (UTC)[reply]

Decoding machine SID

[edit]

Is this correct?:

Security Accounts Manager, clark@hushmail.com

--Solde9 (talk) 18:17, 25 June 2011 (UTC)[reply]

It's probably mostly correct, but the way that it's presented is pretty bad. For one thing, it seems that the author doesn't understand the concept of a little-endian number. Rather than saying "split into three groups, reverse, convert to decimal", I'd say "the last 12 bytes are three 4-byte little-endian values". When I get a chance to confirm that on a real system, I'll change the article. Jordan Brown (talk) 18:09, 11 August 2011 (UTC)[reply]

SID permanence

[edit]

According to the article - http://technet.microsoft.com/en-us/library/cc961625.aspx - sids are not permanent, in contradiction to the lead paragraph of this article. SharePointPerry (talk) —Preceding undated comment added 17:56, 19 June 2012 (UTC)[reply]

Well-known SIDs

[edit]

What are the well-known SIDs (like local admin, local guest, SYSTEM, TrustedInstaller, etc.)? This is missing here. --193.134.254.25 (talk) 15:54, 22 November 2012 (UTC)[reply]

Now the truth

[edit]

"Now the truth is that when the computers..." If a paragraph is to begin in this manner, one would expect a citation to follow. If something is the truth, a source should back it up. — Preceding unsigned comment added by 96.240.164.30 (talk) 00:10, 23 July 2013 (UTC)[reply]