Microsoft has reminded admins and users not to delete something, a so-called Windows Security Identifier (SID) function in case they accidentally break applications.
It is not clear why Microsoft has given the warning for a type of SID that has been part of the operating system since Windows 8 and Windows Server 2012, but the implication is that a lack of familiarity has caused support issues.
The SIDS, a bit like the Unix UID, form a fundamental part of the Windows system for identifying users, accounts and groups and determining whether someone has access to the other.
If a Windows user (Alice, say) sets up an account on her computer in her name, Windows identifies the account with a unique SID. Alice can change her account name as many times as she wants (to AliceB or even Jeff), but the underlying SID that identifies it to Windows always remains the same.
The 2012 revision extended SIDS to include things like file access, drive locations, access to certificates, cameras, removable storage, etc. Each became a & # 39; option & # 39; that a user or application could or wanted to have access rights.
According to Microsoft, Windows 10 1809 can use more than 300, one of the most common of which looks like this:
It is not hard to see why this confuses someone who's deep in his registry with the help of the editor (Get started > Run > regedt32.exe) where it appears as & # 39; account unknown & # 39; with full reading rights.
After research it seems that this is something that Windows itself has to restart after a restart, a kind of global SID.
That means that anyone who removes it without understanding this goal can break Windows themselves. As Microsoft's warning says:
DO NOT REMOVE the SIDS option from the registry or file system permissions. If a SID is removed from file system permissions or registry permissions, a function or application may not work properly. After you delete a SID with options, you cannot use the user interface to add it.
A further search reveals users who request help forums for advice on this SID, are unaware that it is legitimate, plus examples where administrators have removed it and live to regret the decision.
& # 39; Unfriendly & # 39; names
So how can admins decide which of these are legitimate SIDS and which may be suspicious?
Microsoft admits that Competence ID & # 39; s not & # 39; friendly & # 39; (that is, easy to understand), so it is not really useful to use it on your own. It even notes:
By design, a SID solution does not resolve to a descriptive name.
The answer is that all possibilities of SIDS should appear in the register – Get started > Run > regedt32.exeand go to the following registry entry:
HKEY_LOCAL_MACHINE SOFTWARE Microsoft SecurityManager CapabilityClasses AllCachedCapabilities.
If it is not on this list, further research needs to be done, considering that it can still be a legitimate possibility of a third party.
. (tagsToTranslate) microsoft (t) operating systems (t) organizations (t) windows (t) microsoft (t) permissions (t) security id (t) windows (t) windows 10 (t) windows security (t) windows sids