4.3 Manipulating Trusted Domain Objects

This section illustrates a message exchange pertaining to trusted domain objects.

  1. Message 1: Open the policy object.

    | Direction and method | Parameter field | Parameter value |
    | --- | --- | --- |
    | Send LsarOpenPolicy2 | SystemName | "Arbitrary String" |
    | Send LsarOpenPolicy2 | ObjectAttributes | Ignored, except for the RootDirectory field, which is NULL. |
    | Send LsarOpenPolicy2 | DesiredAccess | POLICY_VIEW_LOCAL_INFORMATION |

  2. Message 2: Success; return the policy object handle.

    | Direction and method | Parameter field | Parameter value |
    | --- | --- | --- |
    | Receive LsarOpenPolicy2 | Status | STATUS_SUCCESS |
    | Receive LsarOpenPolicy2 | PolicyHandle | [Implementation-specific value] |

  3. Message 3: Enumerate trusted domain objects.

    | Direction and method | Parameter field | Parameter value |
    | --- | --- | --- |
    | Send LsarEnumerateTrustedDomainsEx | PolicyHandle | [Implementation-specific value returned in Step 2.] |
    | Send LsarEnumerateTrustedDomainsEx | EnumerationContext | 0 |
    | Send LsarEnumerateTrustedDomainsEx | PreferredMaximumLength | 0x100 |

  4. Message 4: Success; return some trusted domain objects, with more to come.

    | Direction and method | Parameter field | Parameter value |
    | --- | --- | --- |
    | Receive LsarEnumerateTrustedDomainsEx | Status | STATUS_MORE_ENTRIES |
    | Receive LsarEnumerateTrustedDomainsEx | EnumerationContext | [Implementation-specific value] |
    | Receive LsarEnumerateTrustedDomainsEx | TrustedDomainInformation | EntriesRead: 2; EnumerationBuffer: Contains information about two different trusted domain objects. |

  5. Message 5: Finish enumerating the trusted domain objects.

    | Direction and method | Parameter field | Parameter value |
    | --- | --- | --- |
    | Send LsarEnumerateTrustedDomainsEx | PolicyHandle | [Implementation-specific value returned in Step 2.] |
    | Send LsarEnumerateTrustedDomainsEx | EnumerationContext | [Value returned in Step 4.] |
    | Send LsarEnumerateTrustedDomainsEx | PreferredMaximumLength | 0x10000 |

  6. Message 6: Success; all trusted domain objects have been enumerated.

    | Direction and method | Parameter field | Parameter value |
    | --- | --- | --- |
    | Receive LsarEnumerateTrustedDomainsEx | Status | STATUS_NO_MORE_ENTRIES |
    | Receive LsarEnumerateTrustedDomainsEx | EnumerationContext | [Implementation-specific value] |
    | Receive LsarEnumerateTrustedDomainsEx | TrustedDomainInformation | EntriesRead: 3; EnumerationBuffer: Contains information about three different trusted domain objects. |

  7. Message 7: Open a trusted domain object by name.

    | Direction and method | Parameter field | Parameter value |
    | --- | --- | --- |
    | Send LsarOpenTrustedDomainByName | PolicyHandle | [Implementation-specific value returned in Step 2.] |
    | Send LsarOpenTrustedDomainByName | TrustedDomainName | [One of the DNS names returned in Step 4 or Step 6.] |
    | Send LsarOpenTrustedDomainByName | DesiredAccess | POLICY_TRUST_ADMIN |

  8. Message 8: Success; the trusted domain object has been opened successfully.

    | Direction and method | Parameter field | Parameter value |
    | --- | --- | --- |
    | Receive LsarOpenTrustedDomainByName | Status | STATUS_SUCCESS |
    | Receive LsarOpenTrustedDomainByName | TrustedDomainHandle | [Implementation-specific value] |

  9. Message 9: Done with this trusted domain object: Close the handle.

    | Direction and method | Parameter field | Parameter value |
    | --- | --- | --- |
    | Send LsarClose | ObjectHandle | [Implementation-specific value returned in Step 8.] |

  10. Message 10: Success: Trusted domain object has been closed.

    | Direction and method | Parameter field | Parameter value |
    | --- | --- | --- |
    | Receive LsarClose | Status | STATUS_SUCCESS |

  11. Message 11: Done with the policy object: Close the handle.

    | Direction and method | Parameter field | Parameter value |
    | --- | --- | --- |
    | Send LsarClose | ObjectHandle | [Implementation-specific value returned in Step 2.] |

  12. Message 12: Success: Policy object has been closed.

    | Direction and method | Parameter field | Parameter value |
    | --- | --- | --- |
    | Receive LsarClose | Status | STATUS_SUCCESS |
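
The enumeration part of this exchange (Messages 1 through 6, then the policy handle close in Messages 11 and 12), as an added example that is not part of the original specification text. It shows a client loop that consumes the entries delivered with the final STATUS_NO_MORE_ENTRIES response and always releases its handle. `MockLsaServer`, `list_trusts`, the trust names and the per-entry sizing rule are hypothetical stand-ins for a real RPC transport.

```python
# Added illustration: an in-memory stand-in for an LSA server, not real RPC.
STATUS_SUCCESS = 0x00000000
STATUS_MORE_ENTRIES = 0x00000105
STATUS_NO_MORE_ENTRIES = 0x8000001A

# Constructed sample data: five made-up trusted domain DNS names.
SAMPLE_TRUSTS = ["a.example", "b.example", "c.example", "d.example", "e.example"]

class MockLsaServer:
    """Hypothetical server model; handles and the sizing rule are assumptions."""
    def __init__(self, trusts):
        self.trusts, self.handles, self.statuses = list(trusts), set(), []

    def open_policy2(self):                                  # Messages 1-2
        handle = len(self.handles) + 1
        self.handles.add(handle)
        return STATUS_SUCCESS, handle

    def enumerate_trusted_domains_ex(self, policy, context, preferred_max_len):
        if policy not in self.handles:
            raise ValueError("invalid policy handle")
        # Toy sizing rule: 0x80 bytes per entry, always at least one entry.
        count = max(1, preferred_max_len // 0x80)
        batch = self.trusts[context:context + count]
        context += len(batch)
        more = context < len(self.trusts)
        status = STATUS_MORE_ENTRIES if more else STATUS_NO_MORE_ENTRIES
        self.statuses.append(status)
        return status, context, batch                        # Messages 4 and 6

    def close(self, handle):                                 # Messages 11-12
        self.handles.remove(handle)
        return STATUS_SUCCESS

def list_trusts(server, first_len=0x100, next_len=0x10000):
    """Enumerate every trusted domain name, then release the policy handle."""
    status, policy = server.open_policy2()
    if status != STATUS_SUCCESS:
        raise RuntimeError(f"LsarOpenPolicy2 failed: {status:#010x}")
    names, context, length = [], 0, first_len                # context starts at 0
    try:
        while True:
            status, context, batch = server.enumerate_trusted_domains_ex(
                policy, context, length)
            names.extend(batch)      # the final response carries entries too
            if status == STATUS_NO_MORE_ENTRIES:
                return names
            if status != STATUS_MORE_ENTRIES or not batch:
                raise RuntimeError(f"enumeration failed: {status:#010x}")
            length = next_len
    finally:
        server.close(policy)         # always release the handle (Message 11)
```

With the five constructed names, the mock returns two entries with STATUS_MORE_ENTRIES and then three with STATUS_NO_MORE_ENTRIES, matching the counts in Messages 4 and 6.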