Active Directory Background

SID structure

S-1-5-21-4020112180-1664985325-2996139612-1103

4020112180-1664985325-2996139612: domain id
1103: RID, unique for each security principal in an domain

SIDs of build-in windows groups are prefixed with S-1-5-32

RID	Username
500	administrator
502	krbtgt
512	domain admins
516	domain controllers
519	enterprise admins

AD group scopes

domain local
global: can only have members as from the same domain as the global group is in
universal
builtin local: can only have permissions on AD objects of the same domain

🪴 Quartz 4.0

Explorer

Active Directory

Active Directory Background

SID structure

AD group scopes

Graph View

Table of Contents

Backlinks