#ifndef _NTOBAPI_H
// Directory objects
#if (PHNT_MODE != PHNT_MODE_KERNEL)

NTSYSCALLAPI
NTSTATUS
NTAPI
NtQueryDirectoryObject(
    _In_ HANDLE DirectoryHandle,
    _Out_writes_bytes_opt_(Length) PVOID Buffer,
    _In_ ULONG Length,
    _In_ BOOLEAN ReturnSingleEntry,
    _In_ BOOLEAN RestartScan,
    _Inout_ PULONG Context,
    _Out_opt_ PULONG ReturnLength
    );

#endif
#endif
View code on GitHub

#ifndef _NTZWAPI_H

NTSYSCALLAPI
NTSTATUS
NTAPI
ZwQueryDirectoryObject(
    _In_ HANDLE DirectoryHandle,
    _Out_writes_bytes_opt_(Length) PVOID Buffer,
    _In_ ULONG Length,
    _In_ BOOLEAN ReturnSingleEntry,
    _In_ BOOLEAN RestartScan,
    _Inout_ PULONG Context,
    _Out_opt_ PULONG ReturnLength
    );

#endif
View code on GitHub

This function is documented in Windows SDK.

DirectoryObjectHandle

Handle to Directory Object opened with DIRECTORY_QUERY access.

DirObjInformation

Pointer to OBJDIR_INFORMATION structure. Warning: structure has variable length depending on length of object name.
To test for required length of buffer use DataWritten parameter.

BufferLength

Length of DirObjInformation buffer.

GetNextIndex

Decide of ObjectIndex parameter usage on output.
If FALSE: ObjectIndex is number of object in Object Directory.
If TRUE: ObjectIndex is index of next object to queried object (see below) in Object Directory.

IgnoreInputIndex

Decide how to use ObjectIndex on function input.
If FALSE: ObjectIndex point to ULONG index of object in Object Directory.
If TRUE: ObjectIndex input value is ignored. Function always return information about first object in Object Directory.

ObjectIndex

Pointer to ULONG value described above.

DataWritten

Pointer to ULONG value receiving required / written buffer size. This parameter is optional.

Documented by

Tomasz Nowak

NtQueryDirectoryObject - NtDoc