共用方式為


3.1.4.6.6 LsarRetrievePrivateData (Opnum 43)

The LsarRetrievePrivateData method is invoked to retrieve a secret value.

 NTSTATUS LsarRetrievePrivateData(
   [in] LSAPR_HANDLE PolicyHandle,
   [in] PRPC_UNICODE_STRING KeyName,
   [in, out] PLSAPR_CR_CIPHER_VALUE* EncryptedData
 );

PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.

KeyName: The name identifying the secret value to be retrieved.

EncryptedData: Receives the encrypted value of the secret object.

Return Values: The following is a summary of the return values that an implementation MUST return, as specified by the message processing that follows.

Return value/code

Description

0x00000000

STATUS_SUCCESS

The request was successfully completed.

0xC0000022

STATUS_ACCESS_DENIED

The caller does not have the permissions to perform this operation.

0xC000000D

STATUS_INVALID_PARAMETER

One of the supplied parameters was invalid.

0xC0000008

STATUS_INVALID_HANDLE

PolicyHandle is not a valid handle.

0xC0000034

STATUS_OBJECT_NAME_NOT_FOUND

The key with the specified name was not found.

Processing:

This message takes three arguments:

PolicyHandle: An open handle to the policy object. If the handle is not a valid context handle to the policy object or PolicyHandle.HandleType does not equal "Policy", the server MUST return STATUS_INVALID_HANDLE. The server MUST verify that PolicyHandle grants access as specified in section 3.1.4.2.2 with RequiredAccess set to SECRET_QUERY_VALUE.

KeyName: A string identifying the name of the secret object to be queried. If IsRequestorAnonymous() returns TRUE (section 3.1.4.2.3) and LsaRestrictAnonymous is set to TRUE, the call MUST fail with STATUS_OBJECT_NAME_NOT_FOUND. If a secret object by this name does not exist, the server MUST return STATUS_OBJECT_NAME_NOT_FOUND.

EncryptedData: Used to return an encrypted version of the secret value. This value is encrypted as specified in section 5.1.2.