#TYPE System.Management.Automation.PSCustomObject
"Type"	"RID"	"Name"	"Description"
"User"	"500"	"Administrator"	"Built-in account for administering the computer/domain"
"User"	"501"	"Guest"	"Built-in account for guest access to the computer/domain"
"Group"	"579"	"Access Control Assistance Operators"	"Members of this group can remotely query authorization attributes and permissions for resources on this computer."
"Group"	"544"	"Administrators"	"Administrators have complete and unrestricted access to the computer/domain"
"Group"	"551"	"Backup Operators"	"Backup Operators can override security restrictions for the sole purpose of backing up or restoring files"
"Group"	"574"	"Certificate Service DCOM Access"	"Members of this group are allowed to connect to Certification Authorities in the enterprise"
"Group"	"569"	"Cryptographic Operators"	"Members are authorized to perform cryptographic operations."
"Group"	"562"	"Distributed COM Users"	"Members are allowed to launch, activate and use Distributed COM objects on this machine."
"Group"	"573"	"Event Log Readers"	"Members of this group can read event logs from local machine"
"Group"	"546"	"Guests"	"Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted"
"Group"	"578"	"Hyper-V Administrators"	"Members of this group have complete and unrestricted access to all features of Hyper-V."
"Group"	"568"	"IIS_IUSRS"	"Built-in group used by Internet Information Services."
"Group"	"556"	"Network Configuration Operators"	"Members in this group can have some administrative privileges to manage configuration of networking features"
"Group"	"559"	"Performance Log Users"	"Members of this group may schedule logging of performance counters, enable trace providers, and collect event traces both locally and via remote access to this computer"
"Group"	"558"	"Performance Monitor Users"	"Members of this group can access performance counter data locally and remotely"
"Group"	"547"	"Power Users"	"Power Users are included for backwards compatibility and possess limited administrative powers"
"Group"	"550"	"Print Operators"	"Members can administer printers installed on domain controllers"
"Group"	"576"	"RDS Endpoint Servers"	"Servers in this group run virtual machines and host sessions where users RemoteApp programs and personal virtual desktops run. This group needs to be populated on servers running RD Connection Broker. RD Session Host servers and RD Virtualization Host servers used in the deployment need to be in this group."
"Group"	"577"	"RDS Management Servers"	"Servers in this group can perform routine administrative actions on servers running Remote Desktop Services. This group needs to be populated on all servers in a Remote Desktop Services deployment. The servers running the RDS Central Management service must be included in this group."
"Group"	"575"	"RDS Remote Access Servers"	"Servers in this group enable users of RemoteApp programs and personal virtual desktops access to these resources. In Internet-facing deployments, these servers are typically deployed in an edge network. This group needs to be populated on servers running RD Connection Broker. RD Gateway servers and RD Web Access servers used in the deployment need to be in this group."
"Group"	"555"	"Remote Desktop Users"	"Members in this group are granted the right to logon remotely"
"Group"	"580"	"Remote Management Users"	"Members of this group can access WMI resources over management protocols (such as WS-Management via the Windows Remote Management service). This applies only to WMI namespaces that grant access to the user."
"Group"	"552"	"Replicator"	"Supports file replication in a domain"
"Group"	"545"	"Users"	"Users are prevented from making accidental or intentional system-wide changes and can run most applications"