Security Identifier - Service SIDs

Service SIDs

Service SIDs are a feature of service isolation, a security feature introduced in Windows Vista and Windows Server 2008. Any service with the "unrestricted" SID-type property will have a service-specific SID added to the access token of the service host process.

The purpose of Service SIDs is to allow permissions for a single service to be managed without creating a dedicated service account, which adds administrative overhead.

Each service SID is a local, machine-level SID generated from the service name using the following formula:

S-1-5-80-{SHA-1(service name in upper case)}

The sc.exe utility can be used to generate the service SID for an arbitrary service name:

sc.exe showsid dnscache

NAME: dnscache
SERVICE SID: S-1-5-80-859482183-879914841-863379149-1145462774-2388618682
STATUS: Active

The service can also be referred to as NT SERVICE\<service name> (e.g. "NT SERVICE\dnscache").
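The formula above can be reproduced offline, which helps when an ACL or log shows a bare S-1-5-80-... SID on a machine where sc.exe is not available. The following is an added example, not part of the original page; it assumes the upper-cased name is hashed as UTF-16LE and the digest is split into five little-endian 32-bit values, and the function names and the service inventory are illustrative.

```python
import hashlib
import struct

SERVICE_SID_PREFIX = "S-1-5-80"  # prefix from the formula on this page


def service_sid(service_name: str) -> str:
    """Derive the per-service SID for a service name."""
    # Detail not stated on the page (assumption of this example): the
    # upper-cased name is hashed as UTF-16LE bytes, and the 20-byte SHA-1
    # digest is read as five little-endian 32-bit sub-authorities.
    digest = hashlib.sha1(service_name.upper().encode("utf-16-le")).digest()
    sub_authorities = struct.unpack("<5I", digest)
    return "-".join([SERVICE_SID_PREFIX, *map(str, sub_authorities)])


def resolve_service_sids(sids, candidate_names):
    """Map service SIDs (e.g. from an ACL dump) back to candidate names.

    SHA-1 is one-way, so a SID can only be resolved against a list of
    known service names. SIDs with no match map to None.
    """
    table = {service_sid(name): name for name in candidate_names}
    return {sid: table.get(sid) for sid in sids}


if __name__ == "__main__":
    # Constructed sample: the SID from the sc.exe output above plus a
    # made-up SID that matches no service in the inventory.
    observed = [
        "S-1-5-80-859482183-879914841-863379149-1145462774-2388618682",
        "S-1-5-80-1-2-3-4-5",
    ]
    inventory = ["Dnscache", "Spooler", "W32Time"]  # constructed inventory
    for sid, name in resolve_service_sids(observed, inventory).items():
        print(sid, "->", f"NT SERVICE\\{name}" if name else "unknown service")
```

Because the name is upper-cased before hashing, "dnscache" and "Dnscache" yield the same SID, and the SID is identical on every machine for a given service name.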
