Orphaned SIDs

A SID becomes “orphaned” when it is used in an ACL entry, but the corresponding object (computer, user or group) no longer exists in Windows.

In Windows, these entries can be identified by the text “Unknown account (S-1-5-…)” appearing instead of the object name. This indicates that the specified SID can no longer be translated to a user or group.

Orphaned SID entries are not harmful per se, but they do nothing to help maintain an overview of permissions. In fact, they make it really hard to keep track of who has access to which resource.
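The check described above (an ACL entry whose SID can no longer be translated to a user or group) can be run across a folder tree with the following script. It is an added example, not part of the original article; the `$Root` path and the `Test-SidResolves` helper are hypothetical names, and the script only looks at account SIDs beginning with `S-1-5-21-`.

```powershell
# Added example: report NTFS ACL entries whose SID no longer resolves to an account.
# $Root is a hypothetical path; point it at the share or folder to audit.
param(
    [string]$Root = 'D:\Shares'
)

$cache = @{}   # SID string -> $true/$false, so each SID is looked up only once

function Test-SidResolves {
    param([System.Security.Principal.SecurityIdentifier]$Sid)
    if (-not $cache.ContainsKey($Sid.Value)) {
        try {
            # Translate() throws when Windows cannot map the SID to a name.
            [void]$Sid.Translate([System.Security.Principal.NTAccount])
            $cache[$Sid.Value] = $true
        } catch [System.Security.Principal.IdentityNotMappedException] {
            $cache[$Sid.Value] = $false
        }
    }
    return $cache[$Sid.Value]
}

$folders = @(Get-Item -LiteralPath $Root) +
           @(Get-ChildItem -LiteralPath $Root -Directory -Recurse -ErrorAction SilentlyContinue)

foreach ($folder in $folders) {
    try {
        $acl = Get-Acl -LiteralPath $folder.FullName -ErrorAction Stop
    } catch {
        Write-Warning "Cannot read ACL: $($folder.FullName)"
        continue
    }
    # Request raw SIDs (explicit and inherited entries) instead of display names.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($rule in $rules) {
        $sid = $rule.IdentityReference
        # Assumption: only SIDs issued by a domain or local machine are of interest.
        if ($sid.Value -notlike 'S-1-5-21-*') { continue }
        if (-not (Test-SidResolves $sid)) {
            [pscustomobject]@{
                Path      = $folder.FullName
                Sid       = $sid.Value
                Rights    = $rule.FileSystemRights
                Type      = $rule.AccessControlType
                Inherited = $rule.IsInherited
            }
        }
    }
}
```

A SID also fails to resolve when the domain that issued it cannot be reached at the moment, so confirm that the account is really gone before removing an entry. Rows with `Inherited` set to `False` mark the folders where the entry is actually defined.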

About the Author: Helmut Semmelmayer

As VP of Revenue Operations, Helmut Semmelmayer heads up marketing and channel sales at tenfold Software. A veteran with more than 15 years of experience in Identity & Access Management, Helmut uses our blog to share his in-depth knowledge of industry best practices and the technical foundations underpinning the administration of IT privileges.