3.1.1.10.1.2 Set Pattern for Policy Object ADM
Direct setting of any of the (Public) ADM elements listed in section 3.1.1 MUST be performed as follows:
The client MUST invoke LsarOpenPolicy2 (section 3.1.4.4.1), specifying NULL for the SystemName parameter and POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN | READ_CONTROL for the DesiredAccess parameter.
The client MUST invoke LsarQueryInformationPolicy2 (section 3.1.4.4.3), specifying the policy handle obtained in step 1 for the PolicyHandle parameter and PolicyDnsDomainInformation for the InformationClass parameter.
The client MUST set the ADM elements of interest in the LSAPR_POLICY_INFORMATION.PolicyDnsDomainInfo structure (section 2.2.4.14) that was returned in step 2 to the desired new values, leaving the remaining elements unmodified.
The client MUST invoke LsarSetInformationPolicy2 (section 3.1.4.4.5), specifying the policy handle obtained in step 1 for the PolicyHandle parameter.
The client MUST invoke LsarClose (section 3.1.4.9.4), specifying the policy handle obtained in step 1 for the ObjectHandle parameter.