Q

Exactly how is a SID created?

Exactly how is a SID created? In particular, what keeps one PC from creating a local SID that another PC hasn?t also picked?
A SID, that unique number that identifies a user account on a Windows system, is created when the account is created. The reason it will not be the same as another user account's SID on another machine, is that each machine receives its own special machine SID, and the use SID is partially a machine identifier and a unique user ID. In a Windows domain, every domain user account consists of a domain ID, and a unique user ID. In a Windows forest, one more step is added, the unique identifier or Relative ID (RID) numbers are controlled by a master function, the RID Master, so that no two domains will share RIDs.

The question does remain, why isn't it possible that the computer or domain ID might be repeated? This number is

calculated when the computer is installed and uses unique information in the calculation to ensure that the number is unique. Of course, there is no 100% guarantee, but the algorithm has been evaluated by those more mathematically knowledgeable than me, and they seem satisfied. You should also understand that some older server mirroring/cloning technologies did not change the SID, and we did see the problem you are envisioning -- duplicate SIDS, when people used them to create multiple clones of a single install.

This was first published in December 2003

Dig deeper on User passwords and network permissions

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close