分类
百科

安全标识符

安全标识符\n\n安全标识符(SecurityIdentifier,SID)是Windows操作系统使用的独一无二的,不变的标识符用于标识用户、用户群、或其他.\n\n安全标识符一经产生,不会与全世界任何的安全标识符重复;也不随用户更名而变化。如果删除了用户帐户,然后再创建同名帐户,则产生的安全标识符是不同的。\nS

安全标识符\n\n安全标识符 (Security Identifier,SID)是Windows操作系统使用的独一无二的,不变的标识符用于标识用户、用户群、或其他. \n\n安全标识符一经产生,不会与全世界任何的安全标识符重复;也不随用户更名而变化。如果删除了用户帐户,然后再创建同名帐户,则产生的安全标识符是不同的。\nSID格式可用下例解释: \”S-1-5-21-3623811015-3361044348-30300820-1013\”\n可能的值:\nThe machine SID is stored in the SECURITY registry hive located at SECURITY\\SAM\\Domains\\Account, this key has two values F and V. The V value is a binary value that has the computer SID embedded within it at the end of its data (last 96 bits).\n\nThe SID number is used in file, registry, service and users permissions. The machine SID is determined in hexadecimal form from here:\nIf the SAM file is missing at startup, a backup is retrieved in hexadecimal form here:\nSometimes the SID number is referenced in decimal form.\n\nService SIDs are a feature of service isolation, a security feature introduced in Windows Vista and Windows Server 2008. \nAny service with the \”unrestricted\” SID-type property will have a service-specific SID added to the access token of the service host process.\n\nThe purpose of Service SIDs is to allow permissions for a single service to be managed without necessitating the creation of service accounts, an administrative overhead.\n\nEach service SID is a local, machine-level SID generated from the service name using the following formula:\n\ncodice_5\n\nThe sc.exe utility can be used to generate an arbitrary service SID:\n\ncodice_6\n\nThe service can also be referred to as NT SERVICE\\ (e.g. \”NT SERVICE\\dnscache\”).\n”}

发表评论

电子邮件地址不会被公开。 必填项已用*标注