3.2.1.4.1.2 Retrieving Caller Identity Information

  • Article

The processing rules in this section return the identity of the caller in the form of {Domain\UserName}, and they also return the SID of the caller.

Input Parameters: None.

Output Parameters:

Output_Account_Name: The caller's account name in the form of <domain netbios name>\<account name> for the caller.

Output_SID: The SID of the caller.

Processing Rules:

The caller identity is in the form {Domain\UserName}. The domain and UserName are found as follows:

  1. Call Abstract Interface GetRpcImpersonationAccessToken (section 3.3.3.4.3.1) as specified in [MS-RPCE] section 3.3.3.4.3.1, passing NULL as a parameter to obtain the token of the current thread as specified in [MS-RPCE] section 3.3.3.4.3.1, and use the output parameter RpcImpersonationAccessToken in the following steps.

  2. Call LsarOpenPolicy (section 3.1.4.2) as specified in [MS-LSAT] section 3.1.4.2 with the following as input:

    • SystemName: NULL.

    • DesiredAccess: Contains the bit value 0x00000800 for POLICY_LOOKUP_NAMES.

  3. Call LsarLookupSids (section 3.1.4.11) as specified in [MS-LSAT] section 3.1.4.11 on the returned PolicyHandle.

    • PolicyHandle: The PolicyHandle returned from the aforementioned LsarOpenPolicy.

    • SidEnumBuffer: The SidInfo part of this structure contains the SID returned from the element RpcImpersonationAccessToken.Sids[RpcImpersonationAccessToken.UserIndex] as specified in [MS-RPCE] section 3.3.3.4.3. The Entries part of this structure is set to 1.

    • LookupLevel: Set to LsapLookupWksta.

      The return values from the LsarLookupSids are as follows:

    • ReferencedDomains list: The domain name is found in the Name field of the Domains structure of the list entry whose index matches the DomainIndex of the Names structure of the entry in the TranslatedNames list that corresponds to the SID in question.

    • TranslatedNames: Contains the UserName in the Name field of the Names structure of the entry in the list corresponding to the SID in question (from the SidEnumBuffer input list).

  4. Concatenate the Domain name and UserName returned in previous steps using "\" as Domain\UserName, and store it in the output parameter Output_ Account_Name.

  5. Store the element RpcImpersonationAccessToken.Sids[RpcImpersonationAccessToken.UserIndex] as specified in [MS-RPCE] section 3.3.3.4.3 in the output parameter Output_SID.