In the context of the Microsoft Windows NT line of operating systems, a SID (Security IDentifier) is a unique, immutable identifier of a user, user group, or other security principal.
Windows grants or denies access and privileges to resources based on access control lists (ACLs), which use SIDs to uniquely identify users and their group memberships.
When a user logs into a computer, an access token is generated that contains user and group SIDs and user privilege level. When a user requests access to a resource, the access token is checked against the ACL to permit or deny particular action on a particular object.
SIDs are useful for troubleshooting issues with security audits, Windows server and domain migrations.