internal static NtStatus AddAccountRights(string system_name, Sid sid, IEnumerable <string> account_rights, bool throw_on_error)
        {
            if (sid is null)
            {
                throw new ArgumentNullException(nameof(sid));
            }

            if (account_rights is null)
            {
                throw new ArgumentNullException(nameof(account_rights));
            }

            var rights = account_rights.Select(s => new UnicodeStringIn(s)).ToArray();

            if (!account_rights.Any())
            {
                return(NtStatus.STATUS_SUCCESS);
            }

            using (var policy = SafeLsaHandle.OpenPolicy(system_name, LsaPolicyAccessRights.LookupNames, throw_on_error))
            {
                if (!policy.IsSuccess)
                {
                    return(policy.Status);
                }
                using (var sid_buffer = sid.ToSafeBuffer())
                {
                    return(SecurityNativeMethods.LsaAddAccountRights(policy.Result, sid_buffer,
                                                                     rights, rights.Length).ToNtException(throw_on_error));
                }
            }
        }
        /// <summary>
        /// Add account rights to an account.
        /// </summary>
        /// <param name="sid">The SID of the account.</param>
        /// <param name="account_rights">The list of account rights to add.</param>
        /// <param name="throw_on_error">True to throw on error.</param>
        /// <returns>The NT status code.</returns>
        public NtStatus AddAccountRights(Sid sid, IEnumerable <string> account_rights, bool throw_on_error)
        {
            if (sid is null)
            {
                throw new ArgumentNullException(nameof(sid));
            }

            if (account_rights is null)
            {
                throw new ArgumentNullException(nameof(account_rights));
            }

            var rights = account_rights.Select(s => new UnicodeStringIn(s)).ToArray();

            if (!account_rights.Any())
            {
                return(NtStatus.STATUS_SUCCESS);
            }

            using (var sid_buffer = sid.ToSafeBuffer())
            {
                return(SecurityNativeMethods.LsaAddAccountRights(Handle, sid_buffer,
                                                                 rights, rights.Length).ToNtException(throw_on_error));
            }
        }