IT Questions and Answers :)

Friday, December 13, 2019

What is the SID for the Domain Admins security group in Active Directory?

What is the SID for the Domain Admins security group in Active Directory?

  • S-1-5-21domain-512
  • S-1-5-21domain-514
  • S-1-5-21domain-513
  • S-1-5-21domain-515


The SID (Security IDentifier) is a unique ID number that a computer or domain controller uses to identify you. It is a string of alphanumeric characters assigned to each user on a Windows computer, or to each user, group, and computer on a domain-controlled network such as Indiana University's Active Directory

An SID looks like this:
Microsoft usually breaks this down into this pattern:
  (SID)-(revision level)-(identifier-authority)-(subauthority1)-(subauthority2)-(etc)
  • SID: The initial S merely identifies the following string as being an SID.
  • Revision level: To date, this has never changed and has always been 1.
  • Identifier-authority: This is a 48-bit string that identifies the authority (the computer or network) that created the SID.
  • Subauthority: This is a variable number that identifies the relation of the user or group described by the SID to the authority that created it. The number tells you:
    • Which computer (or network) created the number
    • Whether this user is a normal user, a guest, an administrator, or part of some other group
    • In what order the user's account was created by this authority (i.e., "This was the first user" or "This is the 231st machine account created".)

    This number is also referred to as the "Relative identifier". There can be several subauthorities involved, especially if the account exists on a domain and belongs to different groups.
This security group has not changed since Windows Server 2008.
Attribute Value
Well-Known SID/RID S-1-5-<domain>-512
Type Domain Global
Default container CN=Users, DC=<domain>, DC=
Default members Administrator
Default member of Administrators
Denied RODC Password ReplicationGroup
Protected by ADMINSDHOLDER? Yes
Safe to move out of default container? Yes
Safe to delegate management of this group to non-Service admins? No
Default User Rights See Administrators
See Denied RODC Password Replication Group


Post a Comment

Popular Posts