RtlGetGroupSecurityDescriptor routine

The RtlGetGroupSecurityDescriptor routine returns the primary group information for a given security descriptor.

Syntax


NTSTATUS RtlGetGroupSecurityDescriptor(
  _In_  PSECURITY_DESCRIPTOR SecurityDescriptor,
  _Out_ PSID                 *Group,
  _Out_ PBOOLEAN             GroupDefaulted
);

Parameters

SecurityDescriptor [in]

Pointer to the security descriptor whose primary group information is to be returned.

Group [out]

Pointer to a variable that receives a pointer to the security identifier (SID) for the primary group. If the security descriptor does not contain a primary group, *Group receives NULL.

GroupDefaulted [out]

Pointer to a Boolean variable that receives the value of the SE_GROUP_DEFAULTED flag in the security descriptor's SECURITY_DESCRIPTOR_CONTROL structure. This value is valid only if *Group receives a non-NULL value.

Return value

RtlGetGroupSecurityDescriptor returns STATUS_SUCCESS or an appropriate NTSTATUS value such as the following:

Return codeDescription
STATUS_UNKNOWN_REVISION

The security descriptor's revision level is not known or is not supported. This is an error code.

 

Remarks

If the security descriptor pointed to by SecurityDescriptor contains a primary group, RtlGetGroupSecurityDescriptor sets the pointer pointed to by Group to the address of the security descriptor's group SID and sets the variable pointed to by GroupDefaulted to a valid value.

If the security descriptor pointed to by SecurityDescriptor does not contain a primary group, RtlGetGroupSecurityDescriptor sets the pointer pointed to by Group to NULL and ignores the remaining output parameter, GroupDefaulted.

To set the primary group information for a security descriptor, use RtlSetGroupSecurityDescriptor.

To retrieve the owner information for a security descriptor, use RtlGetOwnerSecurityDescriptor.

For more information about security and access control, see the Microsoft Windows SDK documentation.

Requirements

Target platform

Universal

Version

This routine is available on Microsoft Windows Server 2003 SP1 and later.

Header

Ntifs.h (include Ntifs.h)

Library

NtosKrnl.lib

DLL

NtosKrnl.exe

IRQL

<= APC_LEVEL

See also

RtlGetOwnerSecurityDescriptor
RtlSetGroupSecurityDescriptor
SECURITY_DESCRIPTOR
SID

 

 

Send comments about this topic to Microsoft

Show: