LsaEnumerateAccountsWithUserRight function (ntsecapi.h)
The LsaEnumerateAccountsWithUserRight function returns the accounts in the database of a Local Security Authority (LSA) Policy object that hold a specified privilege. The accounts returned by this function hold the specified privilege directly through the user account, not as part of membership to a group.
Syntax
NTSTATUS LsaEnumerateAccountsWithUserRight(
[in] LSA_HANDLE PolicyHandle,
[in] PLSA_UNICODE_STRING UserRight,
[out] PVOID *Buffer,
[out] PULONG CountReturned
);
Parameters
[in] PolicyHandle
A handle to a Policy object. The handle must have POLICY_LOOKUP_NAMES and POLICY_VIEW_LOCAL_INFORMATION user rights. For more information, see Opening a Policy Object Handle.
[in] UserRight
Pointer to an LSA_UNICODE_STRING structure that specifies the name of a privilege. For a list of privileges, see Privilege Constants and Account Rights Constants.
If this parameter is NULL, the function enumerates all accounts in the LSA database of the system associated with the Policy object.
[out] Buffer
Pointer to a variable that receives a pointer to an array of LSA_ENUMERATION_INFORMATION structures. The Sid member of each structure is a pointer to the security identifier (SID) of an account that holds the specified privilege.
When you no longer need the information, free the memory by passing the returned pointer to the LsaFreeMemory function.
[out] CountReturned
Pointer to a variable that receives the number of entries returned in the EnumerationBuffer parameter.
Return value
If the function succeeds, the function returns STATUS_SUCCESS.
If the function fails, it returns an NTSTATUS code, which can be one of the following values or one of the LSA Policy Function Return Values.
Value | Description |
---|---|
|
The privilege string specified was not a valid privilege. |
|
There were no accounts with the specified privilege. |
You can use the LsaNtStatusToWinError function to convert the NTSTATUS code to a Windows error code.
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows XP [desktop apps only] |
Minimum supported server | Windows Server 2003 [desktop apps only] |
Target Platform | Windows |
Header | ntsecapi.h |
Library | Advapi32.lib |
DLL | Advapi32.dll |