[Fix] Account Unknown s-1-15-3 (100% Working)

|

The main reason a user profile, in most instances a domain profile, appears in User Profile Manager with the headline “Account Unknown” is that it’s SID (security ID) is invalid, or the machine has joined a new domain.

The SID (security identification) Account Unknown signifies that the User Profile is no longer active. You can notice this when an account isn’t properly deactivated.

Account Unknown s-1-15-3

How and Why Does ‘Account Unknown s-1-15-3’ Error Happen?

It appears that for certain hardware configurations (see below), an unusual SID is created that the system does not recognize, resulting in it being listed as an “Unknown Account.” Except that this SID is assigned permissions at top-level registry keys and then propagates down to a large number of system objects, this could be a minor annoyance. As a result, this unidentified account has access to a wide range of objects and processes, including the ability to launch and activate nearly any DCOM object on the system.

This account’s SID is S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681, and there’s some evidence that these security entries are created during the installation of NVidia video drivers (see Sonya’s posts here and here). As I previously stated, this could be a small cosmetic annoyance, but it may not be.

In Windows, you must right-click on an item and select Properties to find its SID. When you go to the Security tab on the property sheet, you should be able to find SIDs under Groups or user names. You can click on the Advanced option to learn more about the SIDs mentioned there. This should bring you to the window for Advanced Security Settings. As demonstrated in the screenshot above, you can observe access and inheritance for the SIDs. However, you might come into Account Unknown SID on sometimes. You could be wondering why it’s showing up and if it’s something to be concerned about. Let’s see if we can discover an answer to these questions.

To begin with, the SID shown above does not appear to be conventional, correctly constituted SID. Second, I’ve read that Windows permits processes to construct SIDs of that type “on the fly” for certain purposes like sandboxing: You provide a process a SID for a non-existent account, which implies it doesn’t have access to any of the usual system objects save those with “Everyone” rights, I believe.

If that’s the case, and if a process may freely construct SIDs, the problem with the NVidia-generated SID is that it leaves our systems wide open to any process that can generate this SID for itself. In other words, we’d be dealing with a major security flaw. Indeed, the poster I referenced above (Sonya) claims that NVidia software appears to be exploiting this approach to launch all sorts of tasks, including remote connections of various kinds. She even goes so far as to call it “theft ware” in one of her posts.

How ‘Account Unknown s-1-15-3’ Error Can Be Solved?

The security concept “S-1-15-3-4096” is taken into consideration. It needs a name, a description, and a clearer explanation from Microsoft. Darkness isn’t a suitable security measure.

Low (SID: S-1-16-4096), medium (SID: S-1-16-8192), high (SID: S-1-16-12288), and system (SID: S-1-16-12288) are the four integrity levels defined by Windows Vista (SID: S-1-16-16384).

Having the security principle (S-1-16-4096) with access to Favorites, according to my experience, permits an ‘IE’ process mode in protected low integrity to add favorites. (It’s important to look into adding integrity to records for access.)

Otherwise, you must complete one of the following tasks in order to add a favorite to the Internet zone:

-Open Internet Explorer as an administrator -add the site to the Internet zone -turn off “Protected Mode” in the Internet zone

All of these things are things I would advise against because you lose certain protections.

You can manually add the principle to the file properties, use ICACLS, PowerShell, or VBScript, or use ICACLS, PowerShell, or VBScript.

Example of Windows 8 system permissions:

S-1-15-3-4096 favorites: (OI) (CI) (RX, W, DC)

NT AUTHORITY\

SYSTEM: (I) (OI) (CI) (F)

BUILTIN\

Administrators: (I) (OI) (ci) (F)

domain\id: (I) (OI) (ci) (F)

Mandatory Label\

Low mandatory Level: (OI) (CI) (NW)

Here are the ICACLS commands: (added)

Conclusion

The unknown account mainly appears because of an invalid security id. But it is not any bug or mysterious virus which will damage your PC. There are ways to solve this problem and easy ones. So, rest assured!! Your PC is not at risk.

Similar Posts

Leave a Reply

Your email address will not be published.