What Are Registry SIDs ?
One feature of computing we are ALL familiar with nowadays is security.
Windows XP needs a way to manage the security of all its users accounts,
computer accounts and other types of “objects” the operating system uses in
the background. (All we need, for a basic understanding of the Registry, are
One of the many ways Windows manages security is by giving each user account a unique identification.
We call this a Security Identifier or a SID for short!
You will see account SID’s often in the Registry so it is important to at least recognise them. For instance when I logon to my home PC I use the account name USER01. But the computer really sees this account as my SID. However since SID’s are quite long "strings" of data it would be very awkward trying to remember it.
As an example, the SID for particular user account on my home PC is:
S-1-5-21-1606980848-725345543-1801674531-1003 (see Figure 1.0)
Fig 1.0 An Example of a SID from the Registry
A list of users SID's can be found at:
Now imagine entering that SID in every time you wish to logon! It is
much easier to just type the user name. However all the folders and
objects etc. that belong to the current user will be seen by the
computer’s security checks as their account’s SID.
So, if another account tries to access a folder, that is restricted to specific user accounts that do not include them, they will be refused access to that folder.
Basically what is happening behind the scenes is that if the current user SID does not match the permissions Windows knows exist for that folder it refuses access to the current user.
Now SID’s are not just restricted to home PC’s. If you work for a company that has a network of computers then SID’s are responsible for your logon to the network. If your account does not have a valid SID then you will not be able to logon to the network.
In practice SID’s are much more complicated than this, but you do not need to become a Windows security expert to use the Registry with confidence! So just be aware of what a SID looks like and what its basic function is and that will be enough for the purpose exploring the Registry.
There are many other SID's that you will see contained in the Registry
key... For example: S-1-2 (Local Authority Account)
A complete list of well-known security identifiers in Windows operating systems can be found here: http://support.microsoft.com/kb/243330