3.1.4.8.3 LsarLookupPrivilegeName (Opnum 32)
The LsarLookupPrivilegeName method is invoked to map the LUID of a privilege into a string name by which the privilege is known on the server.
-
NTSTATUS LsarLookupPrivilegeName( [in] LSAPR_HANDLE PolicyHandle, [in] PLUID Value, [out] PRPC_UNICODE_STRING* Name );
PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
Value: A LUID that the caller wishes to map to a string name.
Name: Used to return the string name corresponding to the supplied LUID.
Return Values: The following is a summary of the return values that an implementation MUST return, as specified by the message processing that follows.
-
Return value/code
Description
0x00000000
STATUS_SUCCESS
The request was successfully completed.
0xC0000022
STATUS_ACCESS_DENIED
The caller does not have the permissions to perform this operation.
0xC0000060
STATUS_NO_SUCH_PRIVILEGE
The supplied LUID is not recognized by the server.
0xC0000008
STATUS_INVALID_HANDLE
PolicyHandle is not a valid handle.
Processing:
This message takes three arguments:
PolicyHandle: An open handle to the policy object. If the handle is not a valid context handle to the policy object or PolicyHandle.HandleType does not equal "Policy", the server MUST return STATUS_INVALID_HANDLE. The server MUST verify that PolicyHandle grants access as specified in section 3.1.4.2.2 with RequiredAccess set to POLICY_LOOKUP_NAMES.
Value: The LUID of the privilege.
Name: Used to return the name corresponding to the LUID contained in the Value argument.
If the LUID in the Value argument is not recognized by the server, the server MUST fail the request with STATUS_NO_SUCH_PRIVILEGE. The privileges recognized by the server are specified in section 3.1.1.2.1.