I'm using the Win32 method called "LookupAccountName" in order to translate name to SID.
When I try to translate the name "Administrators" I get an SID but when I try to translate the name "Account Operators" I get the following error:
ERR#1332 - No mapping between account names and security IDs was done
Also when I used the following command from CMD:
wmic group where (name='administrators' and domain='%userdomain%') get name,sid
I got an SID.
but when I used the following command from CMD:
wmic group where (name='Account Operators' and domain='%userdomain%') get name,sid
I got the following message : "No Instance(s) Available".
Can anyone explain to me what is the different between the two ? How is it possible that the translation of the "Administrators" group into an SID success while the translation of the "Account Operators" doesn't.
Thanks
[MS.Support]: Well-known security identifiers in Windows operating systems briefly explains the difference between the two (look for SIDs: S-1-5-32-544 and S-1-5-32-548). Regarding Account Operators:
Description: A built-in group that exists only on domain controllers.
The errors you get (either from LookupAccountName or wmic) mean that the Account Operators group is not found.