3.1.5.1.7 SamrOpenGroup (Opnum 19)
The SamrOpenGroup method obtains a handle to a group, given a RID.
-
long SamrOpenGroup( [in] SAMPR_HANDLE DomainHandle, [in] unsigned long DesiredAccess, [in] unsigned long GroupId, [out] SAMPR_HANDLE* GroupHandle );
DomainHandle: An RPC context handle, as specified in section 2.2.7.2, representing a domain object.
DesiredAccess: An ACCESS_MASK that indicates the requested access for the returned handle. See section 2.2.1.5 for a list of group access values.
GroupId: A RID of a group.
GroupHandle: An RPC context handle, as specified in section 2.2.7.2.
This protocol asks the RPC runtime, via the strict_context_handle attribute, to reject the use of context handles created by a method of a different RPC interface than this one, as specified in [MS-RPCE] section 3.
Upon receiving this message, the server MUST process the data from the message according to the constraints in section 3.1.5.1.6, with the following values:
Target-Rid: GroupId
Target-Object-Type: a group object (that is, a database with the objectClass group or derived from group) and groupType containing GROUP_TYPE_ACCOUNT_GROUP or GROUP_TYPE_UNIVERSAL_GROUP.
Generic-Access-Mask-Mapping-Table:
Incoming bit
Translated bits
GENERIC_READ
GROUP_READ
GENERIC_WRITE
GROUP_WRITE
GENERIC_EXECUTE
GROUP_EXECUTE
GENERIC_ALL
GROUP_ALL_ACCESS
Desired-Access-Mapping-Table:
DesiredAccess
Access mask
Object ACE type
GROUP_READ_INFORMATION
ACTRL_DS_READ_PROP
59ba2f42-79a2-11d0-9020-00c04fc2d3cf
GROUP_WRITE_ACCOUNT
ACTRL_DS_WRITE_PROP
59ba2f42-79a2-11d0-9020-00c04fc2d3cf
GROUP_ADD_MEMBER
ACTRL_DS_WRITE_PROP
bf9679c0-0de6-11d0-a285-00aa003049e2
GROUP_REMOVE_MEMBER
ACTRL_DS_WRITE_PROP
bf9679c0-0de6-11d0-a285-00aa003049e2
GROUP_LIST_MEMBERS
ACTRL_DS_READ_PROP
bf9679c0-0de6-11d0-a285-00aa003049e2
ACCESS_SYSTEM_SECURITY
ACCESS_SYSTEM_SECURITY
WRITE_OWNER
WRITE_OWNER
WRITE_DAC
WRITE_DAC
DELETE
DELETE
Output-Handle: GroupHandle