3.1.4.6.6 LsarRetrievePrivateData (Opnum 43)
The LsarRetrievePrivateData method is invoked to retrieve a secret value.
NTSTATUS LsarRetrievePrivateData(
  [in] LSAPR_HANDLE PolicyHandle,
  [in] PRPC_UNICODE_STRING KeyName,
  [in, out] PLSAPR_CR_CIPHER_VALUE* EncryptedData
);
PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
KeyName: The name identifying the secret value to be retrieved.
EncryptedData: Receives the encrypted value of the secret object.
Return Values: The following is a summary of the return values that an implementation MUST return, as specified by the message processing that follows.
Return value/code                          Description
0x00000000 STATUS_SUCCESS                  The request was successfully completed.
0xC0000022 STATUS_ACCESS_DENIED            The caller does not have the permissions to perform this operation.
0xC000000D STATUS_INVALID_PARAMETER        One of the supplied parameters was invalid.
0xC0000008 STATUS_INVALID_HANDLE           PolicyHandle is not a valid handle.
0xC0000034 STATUS_OBJECT_NAME_NOT_FOUND    The key with the specified name was not found.
Processing:
This message takes three arguments:
PolicyHandle: An open handle to the policy object. If the handle is not a valid context handle to the policy object or PolicyHandle.HandleType does not equal "Policy", the server MUST return STATUS_INVALID_HANDLE. The server MUST verify that PolicyHandle grants access as specified in section 3.1.4.2.2 with RequiredAccess set to SECRET_QUERY_VALUE.
KeyName: A string identifying the name of the secret object to be queried. If IsRequestorAnonymous() returns TRUE (section 3.1.4.2.3) and LsaRestrictAnonymous is set to TRUE, the call MUST fail with STATUS_OBJECT_NAME_NOT_FOUND. If a secret object by this name does not exist, the server MUST return STATUS_OBJECT_NAME_NOT_FOUND.
EncryptedData: Used to return an encrypted version of the secret value. This value is encrypted as specified in section 5.1.2.
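The processing rules above, written out as a decision function. This is an added example, not code from the specification or from any implementation. The model_handle and model_secret types, the sample secret store, the check order, the numeric value used for SECRET_QUERY_VALUE, the inputs that map to STATUS_INVALID_PARAMETER, and the exact-match name comparison are assumptions of this model. Encryption per section 5.1.2 is out of scope, so the returned value is an opaque placeholder.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef uint32_t NTSTATUS;
#define STATUS_SUCCESS               0x00000000u
#define STATUS_ACCESS_DENIED         0xC0000022u
#define STATUS_INVALID_PARAMETER     0xC000000Du
#define STATUS_INVALID_HANDLE        0xC0000008u
#define STATUS_OBJECT_NAME_NOT_FOUND 0xC0000034u
#define SECRET_QUERY_VALUE           0x00000002u /* numeric value assumed for this model */

/* Hypothetical model of server-side handle state (not the wire format). */
typedef enum { HANDLE_POLICY, HANDLE_OTHER } handle_type;
typedef struct {
    bool valid;                 /* is this a live context handle? */
    handle_type type;           /* PolicyHandle.HandleType */
    uint32_t granted_access;    /* access granted when the handle was opened */
    bool requestor_anonymous;   /* result of IsRequestorAnonymous() */
} model_handle;

typedef struct { const char *name; const char *encrypted; } model_secret;

/* Constructed sample store; the value stands in for the encrypted blob. */
static const model_secret SECRETS[] = { { "SampleSecret", "<opaque ciphertext>" } };

NTSTATUS model_retrieve_private_data(const model_handle *h, const char *key_name,
                                     bool lsa_restrict_anonymous,
                                     const char **encrypted_out)
{
    if (h == NULL || !h->valid || h->type != HANDLE_POLICY)
        return STATUS_INVALID_HANDLE;
    if ((h->granted_access & SECRET_QUERY_VALUE) == 0)
        return STATUS_ACCESS_DENIED;
    if (key_name == NULL || encrypted_out == NULL)
        return STATUS_INVALID_PARAMETER;    /* assumption: which inputs count as invalid */
    /* Restricted anonymous callers get the same status as a missing secret,
       so the reply does not reveal whether the name exists. */
    if (h->requestor_anonymous && lsa_restrict_anonymous)
        return STATUS_OBJECT_NAME_NOT_FOUND;
    for (size_t i = 0; i < sizeof SECRETS / sizeof SECRETS[0]; i++) {
        if (strcmp(SECRETS[i].name, key_name) == 0) {   /* assumption: exact match */
            *encrypted_out = SECRETS[i].encrypted;
            return STATUS_SUCCESS;
        }
    }
    return STATUS_OBJECT_NAME_NOT_FOUND;
}
```

For monitoring, the consequence is that STATUS_OBJECT_NAME_NOT_FOUND on this call covers both a missing secret and a restricted anonymous caller, so the status code alone does not distinguish the two.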