220.127.116.11 LsarLookupNames2 (Opnum 58)
NTSTATUS LsarLookupNames2( [in] LSAPR_HANDLE PolicyHandle, [in, range(0,1000)] unsigned long Count, [in, size_is(Count)] PRPC_UNICODE_STRING Names, [out] PLSAPR_REFERENCED_DOMAIN_LIST* ReferencedDomains, [in, out] PLSAPR_TRANSLATED_SIDS_EX TranslatedSids, [in] LSAP_LOOKUP_LEVEL LookupLevel, [in, out] unsigned long* MappedCount, [in] unsigned long LookupOptions, [in] unsigned long ClientRevision );
Count: Number of security principal names to look up.<31>
Names: Contains the security principal names to translate, as specified in section 18.104.22.168.
ReferencedDomains: On successful return, contains the domain information for the domain to which each security principal belongs. The domain information includes a NetBIOS domain name and a domain SID for each entry in the list.
TranslatedSids: On successful return, contains the corresponding SID forms for security principal names in the Names parameter. It MUST be ignored on input.
LookupLevel: Specifies what scopes are to be used during translation, as specified in section 2.2.16.
MappedCount: On successful return, contains the number of names that are translated completely to the SID form. This parameter has no effect on message processing in any environment. It MUST be ignored on input.
LookupOptions: Flags that control the lookup operation. For possible values and their meanings, see section 22.214.171.124.
ClientRevision: Version of the client, which implies the client's capabilities. For possible values and their meanings, see section 126.96.36.199.
Return Values: The following table contains a summary of the return values that an implementation MUST return, as specified by the message processing shown after the table.
The request was successfully completed.
Some of the information to be translated has not been translated.
The caller does not have the permissions to perform this operation.
One of the supplied parameters was invalid.
None of the information to be translated has been translated.
The behavior required when receiving an LsarLookupNames2 message MUST be identical to that when receiving an LsarLookupNames3 message, with the following exceptions:
Elements in the TranslatedSids output structure do not contain a Sid field; instead, they contain a RelativeId field. RelativeId MUST be set to the last element in the SubAuthority array of the RPC_SID structure ([MS-DTYP] section 188.8.131.52) if the translated SID is not of type SidTypeDomain, and if the Flags field does not contain 0x00000004. If the translated SID is of type SidTypeDomain or the Flags field contains 0x00000004, RelativeId MUST be set to 0xFFFFFFFF.
The LookupOptions and ClientRevision parameters MUST be ignored. Message processing MUST happen as if LookupOptions is set to 0x00000000 and ClientRevision is set to 0x00000002.
The server MUST return STATUS_ACCESS_DENIED if neither of the following conditions is true: