Guest gremat Posted October 10, 2019 Posted October 10, 2019 Hi! Prerequisites: Local user account named "FooBar" created Computer/machine joined to domain named "FooBar", i.e., both strings are equal Problem: A call to LookupAccountName (winbase.h, Advapi32.dll) given an empty lpSystemName and using an isolated lpAccountName, i.e., "FooBar" instead of "MyMachine\FooBar", returns a SID structure that does not point to the machine-local user account "FooBar" but to the account of the domain "FooBar", i.e., SidTypeDomain (see SID_NAME_USE Enumeration). Now, the documentation on LookupAccountName inarguably states that you have to use a "fully qualified account name [...] to ensure that LookupAccountName finds the account in the desired domain". But it also says that it will attempt to find a SID checking well-known SIDs first, then built-in and administratively defined local accounts, and only next check the primary domain. Question: Is the documentation ambiguous, or does it not reflect correctly what happens actually? Best regards. More... Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.