I get this error return whether I try LsaQueryInformationPolicy()
on the local host or on some other machine in the domain. The flags I use for LsaOpenPolicy()
are POLICY_LOOKUP_NAMES | POLICY_VIEW_LOCAL_INFORMATION
but I also tried POLICY_LOOKUP_NAMES | POLICY_VIEW_LOCAL_INFORMATION | READ_CONTROL
without success.
The user I'm logged in as is a local admin both on my machine and on all others I'm trying this.
For the second parameter to LsaQueryInformationPolicy()
I use PolicyAuditEventsInformation
.
I'm able to use LsaEnumerateAccountRights()
against the same host, using the same policy handle, successfully.