+ /* Proxy Sid */
+ SubAuthorities[0] = SECURITY_PROXY_RID;
+ LsapCreateSid(&NtAuthority,
+ 1,
+ SubAuthorities,
+ L"PROXY",
+ L"NT AUTHORITY",
+ SidTypeWellKnownGroup);
+
+ /* Enterprise Controllers Sid */
+ SubAuthorities[0] = SECURITY_ENTERPRISE_CONTROLLERS_RID;
+ LsapCreateSid(&NtAuthority,
+ 1,
+ SubAuthorities,
+ L"ENTERPRISE DOMAIN CONTROLLERS",
+ L"NT AUTHORITY",
+ SidTypeWellKnownGroup);
+
+ /* Principal Self Sid */
+ SubAuthorities[0] = SECURITY_PRINCIPAL_SELF_RID;
+ LsapCreateSid(&NtAuthority,
+ 1,
+ SubAuthorities,
+ L"SELF",
+ L"NT AUTHORITY",
+ SidTypeWellKnownGroup);
+
+ /* Authenticated Users Sid */
+ SubAuthorities[0] = SECURITY_AUTHENTICATED_USER_RID;
+ LsapCreateSid(&NtAuthority,
+ 1,
+ SubAuthorities,
+ L"Authenticated Users",
+ L"NT AUTHORITY",
+ SidTypeWellKnownGroup);
+
+ /* Restricted Code Sid */
+ SubAuthorities[0] = SECURITY_RESTRICTED_CODE_RID;
+ LsapCreateSid(&NtAuthority,
+ 1,
+ SubAuthorities,
+ L"RESTRICTED",
+ L"NT AUTHORITY",
+ SidTypeWellKnownGroup);
+
+ /* Terminal Server Sid */
+ SubAuthorities[0] = SECURITY_TERMINAL_SERVER_RID;
+ LsapCreateSid(&NtAuthority,
+ 1,
+ SubAuthorities,
+ L"TERMINAL SERVER USER",
+ L"NT AUTHORITY",
+ SidTypeWellKnownGroup);
+
+ /* Remote Logon Sid */
+ SubAuthorities[0] = SECURITY_REMOTE_LOGON_RID;
+ LsapCreateSid(&NtAuthority,
+ 1,
+ SubAuthorities,
+ L"REMOTE INTERACTIVE LOGON",
+ L"NT AUTHORITY",
+ SidTypeWellKnownGroup);
+
+ /* This Organization Sid */
+ SubAuthorities[0] = SECURITY_THIS_ORGANIZATION_RID;
+ LsapCreateSid(&NtAuthority,
+ 1,
+ SubAuthorities,
+ L"This Organization",
+ L"NT AUTHORITY",
+ SidTypeWellKnownGroup);
+
+ /* Local System Sid */
+ SubAuthorities[0] = SECURITY_LOCAL_SYSTEM_RID;
+ LsapCreateSid(&NtAuthority,
+ 1,
+ SubAuthorities,
+ L"SYSTEM",
+ L"NT AUTHORITY",
+ SidTypeWellKnownGroup);
+
+ /* Local Service Sid */
+ SubAuthorities[0] = SECURITY_LOCAL_SERVICE_RID;
+ LsapCreateSid(&NtAuthority,
+ 1,
+ SubAuthorities,
+ L"LOCAL SERVICE",
+ L"NT AUTHORITY",
+ SidTypeWellKnownGroup);
+
+ /* Network Service Sid */
+ SubAuthorities[0] = SECURITY_NETWORK_SERVICE_RID;
+ LsapCreateSid(&NtAuthority,
+ 1,
+ SubAuthorities,
+ L"NETWORK SERVICE",
+ L"NT AUTHORITY",
+ SidTypeWellKnownGroup);
+
+ /* Builtin Domain Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ LsapCreateSid(&NtAuthority,
+ 1,
+ SubAuthorities,
+ L"BUILTIN",
+ L"BUILTIN",
+ SidTypeDomain);
+
+ /* Administrators Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_ADMINS;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Administrators",
+ L"BUILTIN",
+ SidTypeAlias);
+
+ /* Users Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_USERS;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Users",
+ L"BUILTIN",
+ SidTypeAlias);
+
+ /* Guests Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_GUESTS;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Guests",
+ L"BUILTIN",
+ SidTypeAlias);
+
+ /* Power User Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_POWER_USERS;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Power User",
+ L"BUILTIN",
+ SidTypeAlias);
+
+ /* Account Operators Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Account Operators",
+ L"BUILTIN",
+ SidTypeAlias);
+
+ /* System Operators Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_SYSTEM_OPS;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Server Operators",
+ L"BUILTIN",
+ SidTypeAlias);
+
+ /* Print Operators Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_PRINT_OPS;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Print Operators",
+ L"BUILTIN",
+ SidTypeAlias);
+
+ /* Backup Operators Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_BACKUP_OPS;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Backup Operators",
+ L"BUILTIN",
+ SidTypeAlias);
+
+ /* Replicators Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_REPLICATOR;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Replicators",
+ L"BUILTIN",
+ SidTypeAlias);
+
+#if 0
+ /* RAS Servers Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_RAS_SERVERS;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Backup Operators",
+ L"BUILTIN",
+ SidTypeAlias);
+#endif
+
+ /* Pre-Windows 2000 Compatible Access Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_PREW2KCOMPACCESS;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Pre-Windows 2000 Compatible Access",
+ L"BUILTIN",
+ SidTypeAlias);
+
+ /* Remote Desktop Users Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Remote Desktop Users",
+ L"BUILTIN",
+ SidTypeAlias);
+
+ /* Network Configuration Operators Alias Sid */
+ SubAuthorities[0] = SECURITY_BUILTIN_DOMAIN_RID;
+ SubAuthorities[1] = DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS;
+ LsapCreateSid(&NtAuthority,
+ 2,
+ SubAuthorities,
+ L"Network Configuration Operators",
+ L"BUILTIN",
+ SidTypeAlias);
+