| Platform SDK: Access Control |
The LookupAccountSid function accepts a security identifier (SID) as input. It retrieves the name of the account for this SID and the name of the first domain on which this SID is found.
BOOL LookupAccountSid( LPCTSTR lpSystemName, // name of local or remote computer PSID Sid, // security identifier LPTSTR Name, // account name buffer LPDWORD cbName, // size of account name buffer LPTSTR DomainName, // domain name LPDWORD cbDomainName, // size of domain name buffer PSID_NAME_USE peUse // SID type );
For Windows NT/Windows 2000 systems, the domain name returned for most accounts in the local computer's security database is the computer's name as of the last start of the system. Backslashes are excluded. If the computer's name changes, the old name continues to be returned as the domain name until the system is restarted.
For Windows NT Server/Windows 2000 Server systems, the domain name returned for most accounts in the local computer's security database is the name of the domain for which the server is a domain controller.
Some accounts are predefined by the system. The domain name returned for these accounts is BUILTIN.
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError.
The LookupAccountSid function attempts to find a name for the specified security identifier by first checking a list of well-known SIDs. If the supplied SID does not correspond to a well-known SID, the function checks built-in and administratively defined local accounts. Next, the function checks the primary domain. Security identifiers not recognized by the primary domain are checked against the trusted domains corresponding to their SID prefixes.
LookupAccountSid fails and GetLastError returns ERROR_NONE_MAPPED if it cannot find an account name for the SID. This can occur if a network timeout prevents the function from finding the name. It also occurs for SIDs that have no corresponding account name, such as a logon SID that identifies a logon session.
Windows 2000: In addition to looking up SIDs for local accounts, local domain accounts, and explicitly trusted domain accounts, LookupAccountSid can look up SIDs for any account in any domain in the Windows 2000 forest, including SIDs that appear only in the SIDhistory field of an account in the forest. The SIDhistory field stores former SIDs of an account that has been moved from another domain. To perform these look-ups, the function queries the global catalog of the forest. However, these look-ups require that the computer from which LookupAccountSid is called be either running Windows 2000 or in a domain running in Windows 2000 native mode. Account lookup by SIDhistory is not possible if the calling computer is a Windows NT 4.0 system in either a Windows NT 4.0 domain or a mixed-mode Windows 2000 domain.
Windows NT/2000: Requires Windows NT 3.1 or later.
Header: Declared in Winbase.h; include Windows.h.
Library: Use Advapi32.lib.
Unicode: Implemented as Unicode and ANSI versions on Windows NT/2000.
Access Control Overview, Access Control Functions, EqualPrefixSid, LookupAccountName