ConvertStringSecurityDescriptorToSecurityDescriptor

The ConvertStringSecurityDescriptorToSecurityDescriptor function converts a string-format security descriptor into a valid, functional security descriptor. This function retrieves a security descriptor that the ConvertSecurityDescriptorToStringSecurityDescriptor function converted to string format.

BOOL ConvertStringSecurityDescriptorToSecurityDescriptorW(
  LPCTSTR StringSecurityDescriptor,          // security descriptor string
  DWORD StringSDRevision,                    // revision level
  PSECURITY_DESCRIPTOR *SecurityDescriptor,  // SD
  PULONG SecurityDescriptorSize              // SD size
);

Parameters

StringSecurityDescriptor

[in] Pointer to a null-terminated string containing the string-format security descriptor to convert.

StringSDRevision

[in] Specifies the revision level of the StringSecurityDescriptor string. Currently this value must be SDDL_REVISION_1.

SecurityDescriptor

[out] Pointer to a variable that receives a pointer to the converted security descriptor. The returned security descriptor is self-relative. To free the returned buffer, call the LocalFree function. To convert the security descriptor to an absolute security descriptor, use the MakeAbsoluteSD function.

SecurityDescriptorSize

[out] Pointer to a variable that receives the size, in bytes, of the converted security descriptor. This parameter can be NULL.

Return Values

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError. GetLastError may return one of the following error codes.

Requirements

  Windows NT/2000: Requires Windows 2000.
  Header: Declared in Sddl.h.
  Library: Use Advapi32.lib.
  Unicode: Implemented as Unicode and ANSI versions on Windows 2000.

See Also

Access Control Overview, Access Control Functions, ConvertSecurityDescriptorToStringSecurityDescriptor, ConvertSidToStringSid, ConvertStringSidToSid, MakeAbsoluteSD, SECURITY_DESCRIPTOR