3.2.4.40 Application Requests Querying Security Descriptors

A client requests to query security descriptors by issuing an SMB_COM_NT_TRANSACT (section 2.2.4.62.1) request with the subcommand NT_TRANSACT_QUERY_SECURITY_DESC. The application MUST provide the Client.Open of the file that is the target of the query, the maximum number of data bytes the client accepts in the response, and a list of the security information fields being requested.

The client MUST construct the NT_TRANSACT_QUERY_SECURITY_DESC request message as specified in section 2.2.7.6.1. The request MUST be sent to the server as described in section 3.2.4.1.