[thelist] IIS Security

Paul Cowan paul at wishlist.com.au
Wed Jul 25 02:46:39 CDT 2001


Hi Norman,

What you're probably seeing is a SID (Security IDentifier -- something 
like {S-1-2-34-5678901234-5678901234-567890123-4567}), which is how NT
accounts are referenced internally (they are just converted to 'friendly'
account names like DOMAIN\username to stop admins from going mad).

You will sometimes see SIDs crop up on security permissions... e.g. a
file has "read" permission for DOMAIN\bob. The DOMAIN\bob account is later
deleted, but that doesn't go through the filesystem and remove all those
references. So when you view the file security permissons, it says:
	Read: Fred
	Change: Mohammed
	Read: {S-1-2-34-5678901234-5678901234-567890123-4567}

(or words to that effect) because it now has no idea who that SID belongs
to.

If this is the sort of context you're seeing them in, you are GENERALLY
safe to delete those permissions. No guarantees they're not security 
tokens from some other domain or something though...

Cheers,

Paul




More information about the thelist mailing list