#ifndef _NTRTL_H
/**
* The RtlGetGroupSecurityDescriptor routine returns the primary group information for a given security descriptor.
*
* \param SecurityDescriptor Pointer to the security descriptor whose primary group information is to be returned.
* \param Group Pointer to a variable that receives a pointer to the security identifier (SID) for the primary group.
* \param GroupDefaulted Pointer to a Boolean variable that receives the value of the SE_GROUP_DEFAULTED flag.
* \return NTSTATUS Successful or errant status.
* \see https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/ntifs/nf-ntifs-rtlgetgroupsecuritydescriptor
*/
NTSYSAPI
NTSTATUS
NTAPI
RtlGetGroupSecurityDescriptor(
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor,
_Outptr_result_maybenull_ PSID *Group,
_Out_ PBOOLEAN GroupDefaulted
);
View code on GitHub
This function is documented in Windows Driver Kit.