A SID (Security Identifier) is a unique alphanumeric string that is used to identify an object, such as a user or a group of users in a network. Windows grants or denies access and privileges to resources based on ACLs, which use SIDs to uniquely identify users and their group memberships. When a user requests access to a resource, the user's SID is checked by the ACL to determine if that user is allowed to perform that action or if that user is part of a group that is allowed to perform that action. When an user or object is deleted, that unique SID is also deleted. Even if you create the same object with the same properties, the SID will not be the same.
2. A GUID (Globally Unique Identifier) is a unique 128-bit number that is produced by Windows or by some Windows application to identify a particular component, application, file, database entry, and/or user. For instance, a Web site may generate a GUID and assign it to a user's browser to record and track the session. Windows also identifies user accounts by a username and domain and assigns it a GUID. GUIDs can be created in a number of ways, but usually they are a combination of a few unique settings based on specific point in time such as an IP address, network MAC address, or clock time. .
3. Internal processes in Windows refer to an account's SID rather than the account's user or group name. Users and groups are assigned permissions to allow or deny access to a resource. When a user tries to access a resource, Active Directory checks the SID to see what permissions the user has. .
4. Users are either allowed or denied access to the resources on the network. This allows a network administrator to control what personnel have access to what files and folders. .