Security Identifier (SID) history overview

SID history preserves the membership and access rights of users and groups during an Active Directory domain migration.

Security identifier (SID) history preserves the membership and access rights of users and groups during an Active Directory domain migration. When an object is moved to a new domain, the new domain generates a new SID with a unique prefix and records the previous SID information in an LDAP field. This process ensures that users and groups retain the same access rights and privileges in the new domain that they had in the previous domain.

Note the following when working with historical SIDS.
  • Use historical SIDs only to maintain historical file access and authentication privileges.
  • Do not use historical SIDs to add new users, groups, or roles.
  • Always use the current object SID as defined by the domain to modify a user or to add a user to any role or group.