OpenSamUser function

Retrieves a handle to a user account in the Security Accounts Manager (SAM) database.

Syntax


NTSTATUS OpenSamUser(
  _In_  PSECURITY_STRING Name,
  _In_  SECPKG_NAME_TYPE NameType,
  _In_  PSECURITY_STRING Prefix,
  _In_  BOOLEAN          AllowGuest,
  _In_  ULONG            Reserved,
  _Out_ PVOID            *UserHandle
);

Parameters

Name [in]

Pointer to a UNICODE_STRING structure that specifies the name of the SAM account.

NameType [in]

A SECPKG_NAME_TYPE enumeration value that specifies the type of account name in Name. This parameter can be one of the following values.

ValueMeaning
SecNameSamCompatible

Name is compatible with the SAM. An example of a name in SAM-compatible format is "ExampleDomain\Username".

SecNameAlternateId

Name is in the AltSecId property of the SAM account. This value is used with the Prefix parameter.

SecNameFlat

Name is a flat user principal name (UPN)–style account name.

SecNameDN

Name is the distinguished name of the object. For more information, see Remarks.

 

Prefix [in]

Pointer to a UNICODE_STRING structure that specifies the prefix to use with names that use a NameType of SecNameAlternateId.

AllowGuest [in]

Specifies whether to use the Guest account if the SAM account is not found. This parameter can be one of the following values.

ValueMeaning
FALSE

If the user is not found, the OpenSamUser function call fails.

TRUE

If the user is not found and the Guest account is enabled, the Guest account is used.

 

Reserved [in]

Reserved. Specify zero.

UserHandle [out]

Pointer to a pointer that receives a handle to the user account.

Return value

If the function succeeds, the return value is STATUS_SUCCESS.

If the function fails, the return value is one of the following NTSTATUS error codes that indicates the reason for failure.

Return codeDescription
STATUS_INVALID_PARAMETER

NameType is SecNameAlternateId and Prefix is NULL.

STATUS_NO_SUCH_USER

The SAM account could not be found.

 

Remarks

To close the handle received by the UserHandle parameter, call the CloseSamUser function.

The distinguished name of a user identifies the name, domain, and the complete path to the Active Directory object that represents the user.

A pointer to the OpenSamUser function is available in the LSA_SECPKG_FUNCTION_TABLE structure received by the SpInitialize function.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Ntsecpkg.h

See also

CloseSamUser
LSA_SECPKG_FUNCTION_TABLE
SpInitialize

 

 

Show: