| Glossary |
To be able to search and sort objects under NTFS
| Value | Name | Compare the Values as: |
|---|---|---|
| 0x00 | Binary | Binary, where the first byte is most significant |
| 0x01 | Filename | Unicode strings |
| 0x02 | Unicode | Unicode strings, except that upper case letters should come first |
| 0x10 | ULONG | An unsigned long (32 bits, little-endian) |
| 0x11 | SID | A security identifier |
| 0x12 | Security Hash | First compare by the Security Hash, then by Security Identifier |
| 0x13 | ULONGS | A set of unsiged longs (32 bits, little-endian) |
Here are some examples of where various collation rules are used.
| Name | Used By |
|---|---|
| ULONG | $SII in file $Secure |
| SID | $O in file $Extend/$Quota |
| Security Hash | $SDH in file $Secure |
| ULONGS | $O in file $Extend/$ObjId |
When comparing by ULONGS, where is the maximum length specified? Or, can two objects never have identical ULONGS?
0x13 ULONGS refers to GUIDs TEST