3.1.5.3.4 SamrGetDisplayEnumerationIndex2 (Opnum 49)

  • Article

The SamrGetDisplayEnumerationIndex2 method obtains an index into an ascending account-name–sorted list of accounts, such that the index is the position in the list of the accounts whose account name best matches a client-provided string.

 long SamrGetDisplayEnumerationIndex2(
   [in] SAMPR_HANDLE DomainHandle,
   [in] DOMAIN_DISPLAY_INFORMATION DisplayInformationClass,
   [in] PRPC_UNICODE_STRING Prefix,
   [out] unsigned long* Index
 );

DomainHandle: An RPC context handle, as specified in section 2.2.7.2, representing a domain object.

DisplayInformationClass: An enumeration indicating which set of objects to return an index into (for a subsequent SamrQueryDisplayInformation3 method call).

Prefix: A string matched against the account name to find a starting point for an enumeration. The Prefix parameter enables the client to obtain a listing of an account from SamrQueryDisplayInformation3 such that the accounts are returned in alphabetical order with respect to their account name, starting with the account name that most closely matches Prefix. See details later in this section.

Index: A value to use as input to SamrQueryDisplayInformation3 in order to control the accounts that are returned from that method.

This protocol asks the RPC runtime, via the strict_context_handle attribute, to reject the use of context handles created by a method of a different RPC interface than this one, as specified in [MS-RPCE] section 3.

Upon receiving this message, the server MUST process the data from the message subject to the following constraints:

  1. The server MUST return an error if DomainHandle.HandleType is not equal to "Domain".

  2. DomainHandle.GrantedAccess MUST have the required access specified in section 3.1.2.2. Otherwise, the server MUST return STATUS_ACCESS_DENIED.

  3. If DisplayInformationClass is not one of the following values, the server MUST return an error code: DomainDisplayUser, DomainDisplayMachine, DomainDisplayGroup.

  4. If no accounts exist of the type specified in DisplayInformationClass, the server MUST return STATUS_NO_MORE_ENTRIES.

  5. The output parameter called Index MUST be returned as an index into a one-based-indexed list of database objects sorted by their sAMAccountName attribute value. The index is the position of the element that just precedes the element whose sAMAccountName generates the longest substring match starting at the beginning of the string with the Prefix input parameter. If no such element exists, the server MUST return STATUS_NO_MORE_ENTRIES.

  6. The list of directory objects MUST correspond to DisplayInformationClass as follows.

    DisplayInformationClass

    Database object criteria

    DomainDisplayUser

    All user objects (or those derived from user) with userAccountControl containing the UF_NORMAL_ACCOUNT bit.

    DomainDisplayMachine

    All user objects (or those derived from user) with userAccountControl containing the UF_WORKSTATION_TRUST_ACCOUNT or UF_SERVER_TRUST_ACCOUNT bit.

    DomainDisplayGroup

    All group objects.