A URM elevated application contains an unknown SID

Version 1

    Verified Product Versions

    AppSense Application Manager 8.9AppSense Application Manager 8.8AppSense Application Manager 8.7AppSense Application Manager 8.6AppSense Application Manager 8.5AppSense Application Manager 8.4AppSense Application Manager 8.3AppSense Application Manager 8.2AppSense Application Manager 8.1AppSense Application Manager 8.0

    Introduction

    When elevating a process using Application Manager User Rights Management (URM), you notice an unknown SID (S-1-5-21-612037418-213544074-8-1-0-0) present within the token.

    Detail

    This is a URM Tag (SID) which can be used as a visual cue (so an administrator can see AM has done something when viewing the process properties in, for example, Process Explorer) and by the agent when it comes to some process rules /apply to child type rules. If the parent has been elevated by us and the config statues ‘apply to child’, the presence of the URM SID in the parent helps the agent decide what to do.