Prev Next

LookupAccountSid info  Overview  Group

The LookupAccountSid function accepts a security identifier (SID) as input. It retrieves the name of the account for this SID and the name of the first domain on which this SID is found.

BOOL LookupAccountSid(

    LPCTSTR lpSystemName,

// address of string for system name

    PSID Sid,

// address of security identifier

    LPTSTR Name,

// address of string for account name

    LPDWORD cbName,

// address of size account string

    LPTSTR ReferencedDomainName,

// address of string for referenced domain

    LPDWORD cbReferencedDomainName,

// address of size domain string

    PSID_NAME_USE peUse 

// address of structure for SID type

   );

Parameters

lpSystemName
Points to a null-terminated string specifying the system. This string can be the name of a remote computer. If this string is NULL, the SID is looked up on the local system.
Sid
Points to a SID structure for which the account name is looked up.
Name
Points to a buffer receiving a null-terminated string representing the account name corresponding to the Sid parameter.
cbName
Pointer to a DWORD variable. On input, this value specifies the size, in bytes (ANSI version) or characters (Unicode version), of the Name buffer. If the function fails because the buffer is too small, this variable receives the required buffer size, including the terminating null character.
ReferencedDomainName
Points to a buffer that will receive a null-terminated string giving the name of the domain where the account name was found.

For Windows NT systems, the domain name returned for most accounts in the local computer’s security database is the computer’s name as of the last start of the system. Backslashes are excluded. If the computer’s name changes, the old name continues to be returned as the domain name until the system is restarted.

For Windows NT Server systems, the domain name returned for most accounts in the local computer’s security database is the name of the domain for which the Windows NT Server is a domain controller.

Some accounts are predefined by the system. The domain name returned for these accounts is BUILTIN.

cbReferencedDomainName
Pointer to a DWORD variable. On input, this value specifies the size, in bytes (ANSI version) or characters (Unicode version), of the ReferencedDomainName buffer. If the function fails because the buffer is too small, this variable receives the required buffer size, including the terminating null character.
peUse
Points to an SID_NAME_USE enumerated type indicating the type of the account when the function returns.

Return Values

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

Remarks

The LookupAccountSid function attempts to find a name for the specified security identifier by first checking a list of well-known SIDs. If the supplied SID does not correspond to a well-known SID, the function checks built-in and administratively defined local accounts. Next, the function checks the primary domain. Security identifiers not recognized by the primary domain are checked against the trusted domains corresponding to their SID prefixes.

See Also

EqualPrefixSid, LookupAccountName

See: