public static extern uint LsaLookupSids2( SafeLsaPolicyHandle PolicyHandle, LsaLookupSidsFlags LookupOptions, uint Count, [In, MarshalAs(UnmanagedType.LPArray)] IntPtr[] Sids, out SafeLsaMemoryHandle ReferencedDomains, out SafeLsaMemoryHandle Names);
/// <summary> /// Looks up a list of account names and returns information about each in a <see cref="SystemAccountInfo"/> class. Requires the /// <see cref="DesiredAccess.LookupNames"/> right. /// </summary> /// <returns>Contains a corresponding result for each name provided in <paramref name="sids"/>.</returns> /// <exception cref="ArgumentException">At least one user name must be supplied.</exception> public IList <SystemAccountInfo> GetAccountInfo(bool preferInternetNames, bool disallowConnectedAccts, params SecurityIdentifier[] sids) { if (sids == null || sids.Length == 0) { throw new ArgumentException(@"At least one SecurityIdentifier must be supplied.", nameof(sids)); } LsaLookupSidsFlags opts = (preferInternetNames ? LsaLookupSidsFlags.LSA_LOOKUP_PREFER_INTERNET_NAMES : 0) | (disallowConnectedAccts ? LsaLookupSidsFlags.LSA_LOOKUP_DISALLOW_CONNECTED_ACCOUNT_INTERNET_SID : 0); IEnumerable <PinnedSid> psids = sids.Select(s => new PinnedSid(s)); NTStatus ret = LsaLookupSids2(Handle, opts, (uint)sids.Length, psids.Select(s => s.PSID).ToArray(), out SafeLsaMemoryHandle domains, out SafeLsaMemoryHandle names); if (ret != NTStatus.STATUS_SUCCESS && ret != NTStatus.STATUS_SOME_NOT_MAPPED) { ThrowIfLsaError(ret); } LSA_TRUST_INFORMATION[] d = domains.DangerousGetHandle().ToStructure <LSA_REFERENCED_DOMAIN_LIST>().DomainList.ToArray(); LSA_TRANSLATED_NAME[] tn = names.DangerousGetHandle().ToIEnum <LSA_TRANSLATED_NAME>(sids.Length).ToArray(); var retVal = new SystemAccountInfo[sids.Length]; for (var i = 0; i < sids.Length; i++) { retVal[i] = new SystemAccountInfo(tn[i].Name.ToString(), tn[i].Use, sids[i], tn[i].DomainIndex, d); } return(retVal); }