Saturday, March 14, 2009

Unresolved SIDs

When we are working on cleaning up security in a Active Directory environment using Varonis DatAdvantage, one of the common problems that we run across are SIDs that Varonis cannot resolve to a useful name. In most cases this is because someone has deleted the user from Active Directory, rather than just disabling the user account. However, there are cases when the SID (security identifier) represents a group or machine account. Here is an example:

SID: S-1-5-32-544

Nobody ever remembers what those are. In walks Jennifer!

A Varonis user that we were working with, Jennifer Crusade, found this great Knowledge Base article that explains common security identifiers in Windows operating systems.

http://support.microsoft.com/kb/243330

Hope this helps you resolve a question or two.

No comments:

Post a Comment