Service SIDs
Service SIDs are a feature of service isolation, a security feature introduced in Windows Vista and Windows Server 2008. Any service with the "unrestricted" SID-type property will have a service-specific SID added to the access token of the service host process.
The purpose of Service SIDs is to allow permissions for a single service to be managed without necessitating the creation of service accounts, an administrative overhead.
Each service SID is a local, machine-level SID generated from the service name using the following formula:
S-1-5-80-{SHA-1(service name in upper case)}
The sc.exe utility can be used to generate an arbitrary service SID:
sc.exe showsid dnscache
NAME: dnscache SERVICE SID: S-1-5-80-859482183-879914841-863379149-1145462774-2388618682 STATUS: Active
The service can also be referred to as NT SERVICE\
Read more about this topic: Security Identifier
Famous quotes containing the word service:
“The socialism of our day has done good service in setting men to thinking how certain civilizing benefits, now only enjoyed by the opulent, can be enjoyed by all.”
—Ralph Waldo Emerson (1803–1882)