Share via

3.5.3 Retrieve DHCP Administrators Group SID

  • Article

The DHCP Administrators group SID is retrieved by using the Local Security Authority method LsarLookupNames2. This method requires an initial call to the LsarOpenPolicy method to obtain a PolicyHandle, as specified in [MS-LSAT] section 3.1.4.2. The LsarLookupNames2 method ([MS-LSAT] section 3.1.4.7) is called with parameter values as specified in the following table.

Parameter

Value

PolicyHandle

Obtained by calling the LsarOpenPolicy method with the following parameter values:

  • SystemName is NULL

  • ObjectAttributes address of an OBJECT_ATTRIBidlUTES object

  • DesiredAccess of POLICY_LOOKUP_NAMES

Names

DHCP Administrators

LookupLevel

LsapLookupWksta (sections 3.1.4.7 and 2.2.16)

LookupOptions

0

DHCP Administrators are created in the account database for the local domain as specified in [MS-SAMR] sections 4.1, 3.1.5.1.1, 3.1.5.1.5, 3.1.5.2.1, 3.1.5.4.3, and 3.1.5.11.1.The returned DHCP Administrators SID is copied to the ADM data element DHCPAdministratorsSid.