Platform SDK: Access Control |
The ConvertSecurityDescriptorToStringSecurityDescriptor function converts a security descriptor to a string format. You can use the string format to store or transmit the security descriptor.
To convert the string-format security descriptor back to a valid, functional security descriptor, call the ConvertStringSecurityDescriptorToSecurityDescriptor function.
BOOL ConvertSecurityDescriptorToStringSecurityDescriptor( PSECURITY_DESCRIPTOR SecurityDescriptor, // SD DWORD RequestedStringSDRevision, // revision level SECURITY_INFORMATION SecurityInformation, // component LPTSTR *StringSecurityDescriptor, // security descriptor string PULONG StringSecurityDescriptorLen // size of security descriptor string );
Value | Meaning |
---|---|
OWNER_SECURITY_INFORMATION | Include the owner. |
GROUP_SECURITY_INFORMATION | Include the primary group. |
DACL_SECURITY_INFORMATION | Include the DACL. |
SACL_SECURITY_INFORMATION | Include the SACL. |
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError. GetLastError may return one of the following error codes.
Error Code | Meaning |
---|---|
ERROR_INVALID_PARAMETER | Invalid parameter. |
ERROR_UNKNOWN_REVISION | The revision level is invalid. |
ERROR_NONE_MAPPED | A SID in the input security descriptor could not be found in an account lookup operation. |
ERROR_INVALID_ACL | Invalid ACL. This error is returned if the SE_DACL_PRESENT flag is set in the input security descriptor and the DACL is NULL. |
If the DACL is NULL and the SE_DACL_PRESENT control bit is set in the input security descriptor, the function fails.
If the DACL is NULL and the SE_DACL_PRESENT control bit is not set in the input security descriptor, the resulting security descriptor string does not have a D: component. For more information, see Security Descriptor String Format.
Windows NT/2000: Requires Windows 2000.
Header: Declared in Sddl.h.
Library: Use Advapi32.lib.
Unicode: Implemented as Unicode and ANSI versions on Windows 2000.
Access Control Overview, Access Control Functions, ConvertSidToStringSid, ConvertStringSecurityDescriptorToSecurityDescriptor, ConvertStringSidToSid, SECURITY_DESCRIPTOR