Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The LsarCreateTrustedDomain method is invoked to create an object of type trusted domain in the server's database.
-
NTSTATUS LsarCreateTrustedDomain( [in] LSAPR_HANDLE PolicyHandle, [in] PLSAPR_TRUST_INFORMATION TrustedDomainInformation, [in] ACCESS_MASK DesiredAccess, [out] LSAPR_HANDLE* TrustedDomainHandle );
PolicyHandle: An RPC context handle obtained from either LsarOpenPolicy or LsarOpenPolicy2.
TrustedDomainInformation: Information about the new trusted domain object (TDO) to be created.
DesiredAccess: An access mask that specifies the desired access to the TDO handle.
TrustedDomainHandle: Used to return the handle for the newly created TDO.
Return Values: The following is a summary of the return values that an implementation MUST return, as specified by the message processing that follows.
-
Return value/code
Description
0x00000000
STATUS_SUCCESS
The request was successfully completed.
0xC0000022
STATUS_ACCESS_DENIED
The caller does not have the permissions to perform this operation.
0xC000000D
STATUS_INVALID_PARAMETER
One of the supplied arguments is invalid.
0xC0000300
STATUS_NOT_SUPPORTED_ON_SBS
The operation is not supported on a particular product.<105>
0xC00002B1
STATUS_DIRECTORY_SERVICE_REQUIRED
The Active Directory service was not available on the server.
0xC0000078
STATUS_INVALID_SID
The security identifier of the trusted domain is not valid.
0xC00002E9
STATUS_CURRENT_DOMAIN_NOT_ALLOWED
0xC0000035
STATUS_OBJECT_NAME_COLLISION
Another TDO already exists that matches some of the identifying information of the supplied information.
0xC0000008
STATUS_INVALID_HANDLE
PolicyHandle is not a valid handle.
0xC0000401
STATUS_PER_USER_TRUST_QUOTA_EXCEEDED
The caller's quota for the maximum number of TDOs that can be created by control access right Create-Inbound-Trust is exceeded.
0xC0000402
STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED
The combined users' quota for the maximum number of TDOs that can be created by control access right Create-Inbound-Trust is exceeded.
Processing:
This message MUST be processed in an identical manner to LsarCreateTrustedDomainEx with the following mapping as input parameters.
PolicyHandle: Same.
TrustedDomainInformation:
Name: Comes from TrustedDomainInformation. Name input parameter.
FlatName: Comes from TrustedDomainInformation. Name input parameter.
SID: Comes from TrustedDomainInformation. Security identifier (SID) input parameter.
TrustDirection: TRUST_DIRECTION_OUTBOUND.
TrustType: TRUST_TYPE_DOWNLEVEL.
TrustAttributes: 0.
AuthenticationInformation: NULL.
DesiredAccess: Same.
TrustedDomainHandle: Same.