3.1.1.13.2 ExpandMemberships

 procedure ExpandMemberships(
     InputSids: ARRAY(SID),
     OperationType: DWORD,
     ExpandedSids: ARRAY(SID),
     MaxValidityTimeHint: LARGE_INTEGER) : NTSTATUS

InputSids: An array of SIDs to be expanded.

OperationType: Specifies how the SIDs in InputSids are to be expanded. Must be a value from the REVERSE_MEMBERSHIP_OPERATION_TYPE enumeration ([MS-DRSR] section 4.1.8.1.3).

ExpandedSids: Returns the set of expanded SIDs.

MaxValidityTimeHint: Returns the smallest expiration timestamp of all memberships returned in ExpandedSids, or zero if all memberships are persistent.

Return Values: This procedure returns STATUS_SUCCESS ([MS-ERREF] section 2.3.1) to indicate success; otherwise, an NTSTATUS error code.

Note This procedure utilizes the IDL_DRSGetMemberships  method ([MS-DRSR] section 4.1.8).

Logical Processing:

 Status: NTSTATUS;
 OutVersion: DWORD;
 msgIn: DRS_MSG_REVMEMB_REQ;
 msgOut: DRS_MSG_REVMEMB_REPLY;
  
 MaxValidityTimeHint := 0;
  
 /* Initialize input argument for IDL_DRSGetMemberships */ 
 msgIn.dwInVersion := 1;
 msgIn.cDSNames := ARRAYSIZE(InputSids);
 msgIn.ppDSNames := InputSids;
 msgIn.dwFlags := 0;
 msgIn.OperationType := OperationType;    
 msgIn.pLimitingDomain := NULL;
  
 /* Invoke IDL_DRSGetMemberships locally */
 Status := IDL_DRSGetMemberships(NULL, 1, &msgIn, &OutVersion, &msgOut);
 if Status != STATUS_SUCCESS return Status;
  
 /* Merge the returned SIDs and returned SID-history SIDs */
 ExpandedSids := msgOut.ppDSNames + msgOut.ppSidHistory;
 if (minimum TTL of all memberships returned in ExpandedSids > 0)
     MaxValidityTimeHint := (minimum TTL of all memberships
                             returned in ExpandedSids);
  
 endif
 return STATUS_SUCCESS;