The LookupAccountSid function accepts a security identifier (SID) as input. It retrieves the name of the account for this SID and the name of the first domain on which this SID is found.
BOOL LookupAccountSid(
LPCTSTR lpSystemName, // address of string for system name
PSID Sid, // address of security identifier
LPTSTR Name, // address of string for account name
LPDWORD cbName, // address of size account string
LPTSTR ReferencedDomainName,
// address of string for referenced domain
LPDWORD cbReferencedDomainName,
// address of size domain string
PSID_NAME_USE peUse // address of structure for SID type
);
For Windows NT systems, the domain name returned for most accounts in the local computer's security database is the computer's name as of the last start of the system. Backslashes are excluded. If the computer's name changes, the old name continues to be returned as the domain name until the system is restarted.
For Windows NT Server systems, the domain name returned for most accounts in the local computer's security database is the name of the domain for which the Windows NT Server is a domain controller.
Some accounts are predefined by the system. The domain name returned for these accounts is BUILTIN.
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError.
The LookupAccountSid function attempts to find a name for the specified security identifier by first checking a list of well-known SIDs. If the supplied SID does not correspond to a well-known SID, the function checks built-in and administratively defined local accounts. Next, the function checks the primary domain. Security identifiers not recognized by the primary domain are checked against the trusted domains corresponding to their SID prefixes.
LookupAccountSid fails and GetLastError returns ERROR_NONE_MAPPED if it cannot find an account name for the SID. This can occur if a network timeout prevents the function from finding the name. It also occurs for SIDs that have no corresponding account name, such as a logon SID that identifies a logon session.
Windows NT: Requires version 3.1 or later.
Windows: Unsupported.
Windows CE: Unsupported.
Header: Declared in winbase.h.
Import Library: Use advapi32.lib.
Unicode: Implemented as Unicode and ANSI versions on Windows NT.
Access Control Overview, Access Control Functions, EqualPrefixSid, LookupAccountName