Knowledge Base

INFO: Extracting the SID from an ACE

Article ID: 102101

Article Last Modified on 11/21/2006

Microsoft Win32 Application Programming Interface, when used with:
- Microsoft Windows NT Advanced Server 3.1
- Microsoft Windows NT 4.0
- Microsoft Windows 2000 Standard Edition
- Microsoft Windows XP Professional

This article was previously published under Q102101

SUMMARY

To access the security identifier (SID) contained in an access control entry (ACE), the following syntax can be used:

   PSID pSID;

   if((((PACE_HEADER)pTempAce)->AceType) == ACCESS_ALLOWED_ACE_TYPE)
   {
      pSID=(PSID)&((PACCESS_ALLOWED_ACE)pTempAce)->SidStart;
   }

MORE INFORMATION

The "if" statement checks the type of ACE, which is one of the following values:

   ACCESS_ALLOWED_ACE_TYPE
   ACCESS_DENIED_ACE_TYPE
   SYSTEM_AUDIT_ACE_TYPE

The conditional statement casts pTempAce (the pointer to the ACE) to a PACCESS_ALLOWED_ACE structure. The address of the SidStart member is then cast to a PSID and assigned to the pSID variable. pSID can now be used with any Win32 Security application programming interface (API) that takes a PSID as a parameter.

Additional query words: 3.10 3.50 kbSECTools

Keywords: kbacl kbinfo kbkernbase kbsecurity KB102101