Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

3.1.4.6 LsarLookupNames3 (Opnum 68)

The LsarLookupNames3 method translates a batch of security principal names to their SID form. It also returns the domains that these names are a part of.<27>

NTSTATUS LsarLookupNames3(
  [in] LSAPR_HANDLE PolicyHandle,
  [in, range(0,1000)] unsigned long Count,
  [in, size_is(Count)] PRPC_UNICODE_STRING Names,
  [out] PLSAPR_REFERENCED_DOMAIN_LIST* ReferencedDomains,
  [in, out] PLSAPR_TRANSLATED_SIDS_EX2 TranslatedSids,
  [in] LSAP_LOOKUP_LEVEL LookupLevel,
  [in, out] unsigned long* MappedCount,
  [in] unsigned long LookupOptions,
  [in] unsigned long ClientRevision
);

PolicyHandle: Context handle obtained by an LsarOpenPolicy or LsarOpenPolicy2 call.

Count: Number of security principal names to look up.<28>

Names: Contains the security principal names to translate, as specified in section 3.1.4.5.

ReferencedDomains: On successful return, contains the domain information for the domain to which each security principal belongs. The domain information includes a NetBIOS domain name and a domain SID for each entry in the list.

TranslatedSids: On successful return, contains the corresponding SID forms for security principal names in the Names parameter. It MUST be ignored on input.

LookupLevel: Specifies what scopes are to be used during translation, as specified in section 2.2.16.

MappedCount: On successful return, contains the number of names that are translated completely to the SID form. This parameter has no effect on message processing in any environment. It MUST be ignored on input.

LookupOptions: Flags that control the lookup operation. For possible values and their meanings, see section 3.1.4.5.

ClientRevision: Version of the client, which implies the client's capabilities. For possible values and their meanings, see section 3.1.4.5.

Return Values: The following table contains a summary of the return values that an implementation MUST return, as specified by the message processing shown after the table.

Return value/code Description

0x00000000
STATUS_SUCCESS

The request was successfully completed.

0x00000107
STATUS_SOME_NOT_MAPPED

Some of the information to be translated has not been translated.

0xC0000022
STATUS_ACCESS_DENIED

The caller does not have the permissions to perform this operation.

0xC000000D
STATUS_INVALID_PARAMETER

One of the supplied parameters was invalid.

0xC0000073
STATUS_NONE_MAPPED

None of the information to be translated has been translated.

The behavior required when receiving an LsarLookupNames3 message MUST be identical to that when receiving an LsarLookupNames4 message, with the following exceptions:

  • This message is valid on non–domain controller machines as well as domain controllers.

  • The server MUST return STATUS_ACCESS_DENIED if neither of the following conditions are true:

    1. The RPC_C_AUTHN_NETLOGON security provider (as specified in [MS-RPCE] section 2.2.1.1.7) and at least RPC_C_AUTHN_LEVEL_PKT_INTEGRITY authentication level (as specified in [MS-RPCE] section 2.2.1.1.8) were used in this RPC message.

    2. The PolicyHandle was granted POLICY_LOOKUP_NAMES access.

 
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.