3.1.4.2.10 Receiving an EfsRpcAddUsersToFile Message (Opnum 9)
The EfsRpcAddUsersToFile method is used to grant the possessors of the private keys corresponding to certain X.509 certificates the ability to decrypt the object.
-
DWORD EfsRpcAddUsersToFile( [in] handle_t binding_h, [in, string] wchar_t* FileName, [in] ENCRYPTION_CERTIFICATE_LIST* EncryptionCertificates );
binding_h: This is an RPC binding handle parameter, as specified in [C706] and [MS-RPCE] section 2.
FileName: An EFSRPC nonzero name, as specified in section 2.2.1.
EncryptionCertificates: A list of certificates, represented by an ENCRYPTION_CERTIFICATE_LIST structure, which are to be given access to the object.
Return Values: The server MUST return 0 if it successfully processes the message received from the client. The server MUST return a nonzero value if processing fails.
If no object exists on the server with the specified name, or if the object exists and is not encrypted, the server MUST return a nonzero value. Otherwise, the server MUST modify the object's EFSRPC Metadata such that all the user certificates listed in the Users structure have the ability to decrypt the object.