There is not much to write about how you can obtain the user’s SID.

SID is the short form of Security Identifier. It is used to uniquely name a user (like Alice or Bob), a group (like Users or Administrators) or a system account (like SYSTEM or Network Service). Important to understand is that not only human users get a SID but also system parts like the System or [...]

Many developers know that mysterious parameter some WinAPI function offer to use. What I am talking about is a parameter called lpSecurityAttributes. The documentation states that it allows to change the security descriptor of the desired element. The most known function is CreateFile which I want to use here. It allows to create a file [...]

Windows Vista contains a new feature that allows an administrator to work with less privileges. Every time a user who belongs to the administrator group logs on, the LogonUser API creates two tokens. One tokens contains the real power of the user and the second contains only restricted access. We call such a token restricted [...]