The LSAPR_TRANSLATED_SID_EX structure contains information about a security principal after it has been translated into a SID. This structure MUST always be accompanied by an LSAPR_REFERENCED_DOMAIN_LIST structure when DomainIndex is not -1, which contains the domain information for the security principal.

This structure differs from LSA_TRANSLATED_SID only in that a new Flags field is added.

 typedef struct _LSAPR_TRANSLATED_SID_EX {
   unsigned long RelativeId;
   long DomainIndex;
   unsigned long Flags;

Use: Defines the type of the security principal, as specified in section 2.2.13.

RelativeId: Contains the relative identifier (RID) of the security principal with respect to its domain.

DomainIndex: Contains the index into the corresponding LSAPR_REFERENCED_DOMAIN_LIST structure that specifies the domain that the security principal is in. A DomainIndex value of -1 MUST be used to specify that there are no corresponding domains. Other negative values MUST NOT be used.

Flags: Contains bitmapped values that define the properties of this translation. The value MUST be the logical OR of zero or more of the following flags. These flags communicate additional information on how the name was resolved.




The name was not found by matching against the Security Principal Name property.


The name might be found by traversing a forest trust.


The name was found by matching against the last database view, as defined in section

All other bits MUST be 0 and ignored on receipt.<13>