Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The LsarQueryTrustedDomainInfo method is invoked to retrieve information on a trusted ___domain object.
-
NTSTATUS LsarQueryTrustedDomainInfo( [in] LSAPR_HANDLE PolicyHandle, [in] PRPC_SID TrustedDomainSid, [in] TRUSTED_INFORMATION_CLASS InformationClass, [out, switch_is(InformationClass)] PLSAPR_TRUSTED_DOMAIN_INFO* TrustedDomainInformation );
PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
TrustedDomainSid: A security descriptor of the trusted ___domain object.
InformationClass: Identifies the type of information the caller is interested in.
TrustedDomainInformation: Used to return the information on the trusted ___domain object to the caller.
Return Values: The following is a summary of the return values that an implementation MUST return, as specified by the message processing that follows.
-
Return value/code
Description
0x00000000
STATUS_SUCCESS
The request was successfully completed.
0xC0000022
STATUS_ACCESS_DENIED
The caller does not have the permissions to perform this operation.
0xC000000D
STATUS_INVALID_PARAMETER
One or more of the supplied parameters was invalid.
0xC0000002
STATUS_NOT_IMPLEMENTED
The specified information class is not supported.
0xC0000003
STATUS_INVALID_INFO_CLASS
The InformationClass argument is outside the allowed range.
0xC0000008
STATUS_INVALID_HANDLE
PolicyHandle is not a valid handle.
0xC00000DF
STATUS_NO_SUCH_DOMAIN
The specified trusted ___domain object does not exist.
0xC00002B1
STATUS_DIRECTORY_SERVICE_REQUIRED
The Active Directory service was not available on the server.
Processing:
If Active Directory is not running on this machine, the server MUST return STATUS_DIRECTORY_SERVICE_REQUIRED.
This message takes four arguments:
PolicyHandle: An open handle to the policy object. If the handle is not a valid context handle to the policy object or PolicyHandle.HandleType does not equal "Policy", the server MUST return STATUS_INVALID_HANDLE. The server MUST verify that PolicyHandle grants access as specified in section 3.1.4.2.2 with RequiredAccess set as specified in section 3.1.4.7.13.
TrustedDomainSid: The SID of the trusted ___domain object to query. The server MUST verify that the caller has supplied a valid ___domain SID for this parameter and fail the request with STATUS_INVALID_PARAMETER if the check fails. The server MUST verify that a trusted ___domain object with this SID exists in its policy database and fail the request with STATUS_NO_SUCH_DOMAIN otherwise.
InformationClass: A value from the TRUSTED_INFORMATION_CLASS enumeration that specifies which type of information the caller is requesting. Not all values are valid. For values outside the TRUSTED_INFORMATION_CLASS enumeration range, the server MUST reject the request with STATUS_INVALID_PARAMETER. For InformationClass values TrustedControllersInformation, TrustedDomainAuthInformationInternal, TrustedDomainFullInformationInternal, and for any values that would be rejected by an LsarQueryInfoTrustedDomain call, the server MUST reject the request with an implementation-specific error. For all other InformationClass values, the server MUST behave as if it is processing an LsarQueryInfoTrustedDomain call with a trusted ___domain handle to the trusted ___domain identified by the TrustedDomainSid parameter.
TrustedDomainInformation: Used to return the requested information.