LsaGetAppliedCAPIDs function (ntlsa.h)
The LsaGetAppliedCAPIDs function returns an array of central access policies (CAPs) identifiers (CAPIDs) of all the CAPs applied on a specific computer.
Syntax
NTSTATUS LsaGetAppliedCAPIDs(
[in, optional] PLSA_UNICODE_STRING SystemName,
[out] PSID **CAPIDs,
[out] PULONG CAPIDCount
);
Parameters
[in, optional] SystemName
A pointer to an LSA_UNICODE_STRING structure that contains the name of the specific computer. The name can have the form of "ComputerName" or "\ComputerName". If this parameter is NULL, then the function returns the CAPIDs of the local computer.
[out] CAPIDs
A pointer to a variable that receives an array of pointers to CAPIDs that identify the CAPs available on the specified computer. When you have finished using the CAPIDs, call the LsaFreeMemory function on each element in the array and the entire array.
[out] CAPIDCount
A pointer to a variable that receives the number of CAPs that are available on the specified computer. The array returned in the CAPIDs parameter contains the same number of elements as the CAPIDCount parameter.
Return value
If the function succeeds, the return value is STATUS_SUCCESS.
If the function fails, the return value is one of the LSA Policy Function Return Values. You can use the LsaNtStatusToWinError function to convert the NTSTATUS code to a Windows error code.
Remarks
For specific details about the central access policies, you can query the attributes of the central access policy object in the Active Directory on the specified computer's domain controller. Look for the object whose msAuthz-CentralAccessPolicyID attribute matches one of the returned CAPIDs.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 8 [desktop apps only] |
| Minimum supported server | Windows Server 2012 [desktop apps only] |
| Target Platform | Windows |
| Header | ntlsa.h |
| Library | Advapi32.lib |
| DLL | Advapi32.dll |