Marcel said:
Ace,
Thanks for the swift response, however this doesn't answer my
question. Let me explain...
The Domain SID, taken from the technet-article you referred to is:
. A domain identifier (21-1004336348-1177238915-682003330), Contoso
What I would like to know is how the three (30bit) numbers are
generated when the Domain is created? Is there a particular
algorithm based on hardware, date, time?? Why are they separated
with dashes, are there three separate algorithms?
info appreciated
regards,
Marcel
That my friend is proprietary Microsoft protected information. For if we all
knew that, we can develop apps to impersonate just about anything on the
machine, correct? There are about 250+ (IIRC) APIs that Microsoft released
the availability of most of them except about 50 or so of them, to developers
so they can re-design apps (backup, TAPI APIs, etc) to work under Windows
instead of being confined to the API limitations. The ones they did not
release are security algorithms and other security aspects that if released,
well, you get my drift.
I can tell you one thing, the domain SID, which is generated during the
dcpromo process, and more than likely creates the RID pool (for the first DC
in the domain/forest) during the promotion process, which it then takes RID
#s as the promotion process needs to create the base default domain objects.
This can't be reproduced as what I think you are implying or trying. This is
why you can't simply take a DC with the same name and expect it to work with
a domain of the same name. Underneath it uses the SIDs and GUIDs to identify
the DC, not the name.
The dashes are delimiters for various components of the SID, as the article
explains.
Also I remember somewhere that the date and time is a factor during
generation as well giving it uniqueness. Don't quote me on that, and maybe
someone else here can give you more specifics than I can.
Curious, what are your intentions?
Ace
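
Added example, not part of the original thread: a small Python parser that splits a string SID on its dashes and packs it into the documented binary SID layout, which shows what each dash-delimited field is. The sample SID is constructed from the domain identifier quoted above, with the NT Authority prefix (S-1-5) and the well-known Domain Admins RID (512) assumed; the function names are hypothetical.

```python
import struct

# Constructed sample: domain identifier from the thread + assumed RID 512.
SAMPLE = "S-1-5-21-1004336348-1177238915-682003330-512"

def parse_sid(sid: str) -> dict:
    """Split a string SID (S-R-A-S1-S2-...) into its components."""
    parts = sid.strip().split("-")
    if len(parts) < 3 or parts[0].upper() != "S":
        raise ValueError(f"not a SID string: {sid!r}")
    revision = int(parts[1])
    authority = int(parts[2], 0)        # decimal, or 0x... for large values
    subs = [int(p) for p in parts[3:]]
    if revision != 1 or not 0 <= authority < 2**48:
        raise ValueError("bad revision or identifier authority")
    # At most 15 sub-authorities, each a 32-bit unsigned integer.
    if len(subs) > 15 or any(not 0 <= s < 2**32 for s in subs):
        raise ValueError("bad sub-authority list")
    out = {"revision": revision, "authority": authority,
           "sub_authorities": subs}
    # Domain principals: S-1-5-21-<three 32-bit values>-<RID>
    if authority == 5 and len(subs) == 5 and subs[0] == 21:
        out["domain_sid"] = "-".join(parts[:-1])
        out["domain_identifier"] = subs[1:4]
        out["rid"] = subs[4]
    return out

def sid_to_bytes(sid: str) -> bytes:
    """Pack a string SID into the binary layout stored in tokens and ACLs."""
    p = parse_sid(sid)
    subs = p["sub_authorities"]
    return (struct.pack("BB", p["revision"], len(subs))  # revision, count
            + p["authority"].to_bytes(6, "big")          # 48-bit, big-endian
            + struct.pack(f"<{len(subs)}I", *subs))      # 32-bit, little-endian

if __name__ == "__main__":
    info = parse_sid(SAMPLE)
    print("domain SID:", info["domain_sid"])
    print("domain identifier:", info["domain_identifier"])
    print("RID:", info["rid"])
    print("binary:", sid_to_bytes(SAMPLE).hex())
```

The dashes only separate fields of one structure; the three domain-identifier values are ordinary sub-authority fields, and every account in the domain shares them while differing in the final RID.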