SECURITY_IDENTIFIER ( struct )
Header: WinNt.h
Library: Advapi32.lib
The SECURITY_IDENTIFIER structure defines a security identifier (SID) used to uniquely identify users, groups, and other security principals.
Definition
typedef struct _SECURITY_IDENTIFIER {
BYTE Revision;
BYTE SubAuthorityCount;
BYTE IdentifierAuthority[6];
DWORD SubAuthority[1];
} SECURITY_IDENTIFIER, *PSECURITY_IDENTIFIER;
Members
- Revision – The structure revision level. Must be set to
SID_REVISION(1). - SubAuthorityCount – Number of elements in the
SubAuthorityarray (0‑15). - IdentifierAuthority – 48‑bit value that identifies the authority issuing the SID.
- SubAuthority – Array of 32‑bit sub‑authority values. The length is determined by
SubAuthorityCount.
Example Usage (C++)
#include <windows.h>
#include <stdio.h>
int main() {
// Create a SID for the BUILTIN\Administrators group
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
PSID pAdminSID = NULL;
if (!AllocateAndInitializeSid(&NtAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0,0,0,0,0,0,
&pAdminSID)) {
printf("AllocateAndInitializeSid failed. Error: %lu\\n", GetLastError());
return 1;
}
// Convert SID to string for display
LPTSTR StringSid = NULL;
if (ConvertSidToStringSid(pAdminSID, &StringSid)) {
wprintf(L"SID: %s\\n", StringSid);
LocalFree(StringSid);
}
FreeSid(pAdminSID);
return 0;
}