LsarStorePrivateData (Opnum 42)

The LsarStorePrivateData method is invoked to store a secret value.

 NTSTATUS LsarStorePrivateData(
   [in] LSAPR_HANDLE PolicyHandle,
   [in, unique] PLSAPR_CR_CIPHER_VALUE EncryptedData

PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.

KeyName: The name under which private data will be stored.

EncryptedData: The secret value to be stored.

Return Values: The following is a summary of the return values that an implementation MUST return, as specified by the message processing that follows.

Return value/code




The request was successfully completed.



The caller does not have the permissions to perform this operation.



PolicyHandle is not a valid handle.



One or more of the supplied parameters was invalid.


This message takes three arguments:

PolicyHandle: An open handle to the policy object. If the handle is not a valid context handle to the policy object or PolicyHandle.HandleType does not equal "Policy", the server MUST return STATUS_INVALID_HANDLE. The server MUST verify that PolicyHandle grants access as specified in section with RequiredAccess set to POLICY_CREATE_SECRET.

KeyName: A string identifying the name of the secret object under which the private data would be stored. The server MUST verify that KeyName is syntactically valid and reject the request with STATUS_INVALID_PARAMETER otherwise. If a secret object by this name does not exist and the EncryptedData parameter is not NULL, the server MUST verify that the caller has POLICY_CREATE_SECRET access. If the secret does exist and the EncryptedData parameter is not NULL, the access check is performed for the SECRET_SET_VALUE right against the secret's security descriptor. If the access check fails, the server MUST return STATUS_ACCESS_DENIED. If the EncryptedData parameter is NULL, the server MUST check that the caller has DELETE access to the secret object and, if so, delete the secret object from the policy database.

EncryptedData: The value of the secret to be stored. This value is encrypted as specified in section 5.1.2. As mentioned already, a caller that wants the secret to be deleted simply passes NULL for this value. If decryption fails, the server must return an implementation-specific error.<77>