INFO: Extracting the SID from an ACE

ID: Q102101

The information in this article applies to:
  • Microsoft Win32 Application Programming Interface (API), used with:
    • Microsoft Windows NT versions 3.1, 3.5
    • Microsoft Windows 2000

SUMMARY

To access the security identifier (SID) contained in an access control entry (ACE), the following syntax can be used: 


   PSID pSID;

   if((((PACE_HEADER)pTempAce)->AceType) == ACCESS_ALLOWED_ACE_TYPE)
   {
      pSID=(PSID)&((PACCESS_ALLOWED_ACE)pTempAce)->SidStart;
   }


MORE INFORMATION

The "if" statement checks the type of ACE, which is one of the following values: 


   ACCESS_ALLOWED_ACE_TYPE
   ACCESS_DENIED_ACE_TYPE
   SYSTEM_AUDIT_ACE_TYPE
The conditional statement casts pTempAce (the pointer to the ACE) to a PACCESS_ALLOWED_ACE structure. The address of the SidStart member is then cast to a PSID and assigned to the pSID variable. pSID can now be used with any Win32 Security application programming interface (API) that takes a PSID as a parameter.

Additional query words: 3.10 3.50

Keywords : kbAccCtrl kbKernBase kbWinOS2000 kbSecurity kbDSupport kbGrpKernBase
Version : winnt:3.1,3.5
Platform : winnt
Issue type : kbinfo


Last Reviewed: December 29, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.