diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 1a2e39dfe18..b1f56641531 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -2659,6 +2659,36 @@ static void test_ConvertStringSecurityDescriptor(void)
     BOOL ret;
     PSECURITY_DESCRIPTOR pSD;
     static const WCHAR Blank[] = { 0 };
+    int i;
+    static const struct
+    {
+        const char *sidstring;
+        DWORD      revision;
+        BOOL       ret;
+        DWORD      GLE;
+    } cssd[] =
+    {
+        { "D:(A;;GA;;;WD)",                  0xdeadbeef,      FALSE, ERROR_UNKNOWN_REVISION },
+        /* test ACE string type */
+        { "D:(A;;GA;;;WD)",                  SDDL_REVISION_1, TRUE },
+        { "D:(D;;GA;;;WD)",                  SDDL_REVISION_1, TRUE },
+        { "ERROR:(D;;GA;;;WD)",              SDDL_REVISION_1, FALSE, ERROR_INVALID_PARAMETER },
+        /* test ACE string access rights */
+        { "D:(A;;GA;;;WD)",                  SDDL_REVISION_1, TRUE },
+        { "D:(A;;GRGWGX;;;WD)",              SDDL_REVISION_1, TRUE },
+        { "D:(A;;RCSDWDWO;;;WD)",            SDDL_REVISION_1, TRUE },
+        { "D:(A;;RPWPCCDCLCSWLODTCR;;;WD)",  SDDL_REVISION_1, TRUE },
+        { "D:(A;;FAFRFWFX;;;WD)",            SDDL_REVISION_1, TRUE },
+        { "D:(A;;KAKRKWKX;;;WD)",            SDDL_REVISION_1, TRUE },
+        { "D:(A;;0xFFFFFFFF;;;WD)",          SDDL_REVISION_1, TRUE },
+        { "S:(AU;;0xFFFFFFFF;;;WD)",         SDDL_REVISION_1, TRUE },
+        /* test ACE string access right error case */
+        { "D:(A;;ROB;;;WD)",                 SDDL_REVISION_1, FALSE, ERROR_INVALID_ACL },
+        /* test behaviour with empty strings */
+        { "",                                SDDL_REVISION_1, TRUE },
+        /* test ACE string SID */
+        { "D:(D;;GA;;;S-1-0-0)",             SDDL_REVISION_1, TRUE }
+    };
 
     if (!pConvertStringSecurityDescriptorToSecurityDescriptorA)
     {
@@ -2666,82 +2696,20 @@ static void test_ConvertStringSecurityDescriptor(void)
         return;
     }
 
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "D:(A;;GA;;;WD)", 0xdeadbeef, &pSD, NULL);
-    ok(!ret && GetLastError() == ERROR_UNKNOWN_REVISION,
-        "ConvertStringSecurityDescriptorToSecurityDescriptor should have failed with ERROR_UNKNOWN_REVISION instead of %d\n",
-        GetLastError());
+    for (i = 0; i < sizeof(cssd)/sizeof(cssd[0]); i++)
+    {
+        DWORD GLE;
 
-    /* test ACE string type */
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "D:(A;;GA;;;WD)", SDDL_REVISION_1, &pSD, NULL);
-    ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
-    LocalFree(pSD);
-
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "D:(D;;GA;;;WD)", SDDL_REVISION_1, &pSD, NULL);
-    ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
-    LocalFree(pSD);
-
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "ERROR:(D;;GA;;;WD)", SDDL_REVISION_1, &pSD, NULL);
-    ok(!ret && GetLastError() == ERROR_INVALID_PARAMETER,
-        "ConvertStringSecurityDescriptorToSecurityDescriptor should have failed with ERROR_INVALID_PARAMETER instead of %d\n",
-        GetLastError());
-
-    /* test ACE string access rights */
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "D:(A;;GA;;;WD)", SDDL_REVISION_1, &pSD, NULL);
-    ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
-    LocalFree(pSD);
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "D:(A;;GRGWGX;;;WD)", SDDL_REVISION_1, &pSD, NULL);
-    ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
-    LocalFree(pSD);
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "D:(A;;RCSDWDWO;;;WD)", SDDL_REVISION_1, &pSD, NULL);
-    ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
-    LocalFree(pSD);
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "D:(A;;RPWPCCDCLCSWLODTCR;;;WD)", SDDL_REVISION_1, &pSD, NULL);
-    ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
-    LocalFree(pSD);
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "D:(A;;FAFRFWFX;;;WD)", SDDL_REVISION_1, &pSD, NULL);
-    ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
-    LocalFree(pSD);
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "D:(A;;KAKRKWKX;;;WD)", SDDL_REVISION_1, &pSD, NULL);
-    ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
-    LocalFree(pSD);
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "D:(A;;0xFFFFFFFF;;;WD)", SDDL_REVISION_1, &pSD, NULL);
-    ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
-    LocalFree(pSD);
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "S:(AU;;0xFFFFFFFF;;;WD)", SDDL_REVISION_1, &pSD, NULL);
-    ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
-    LocalFree(pSD);
-
-    /* test ACE string access right error case */
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "D:(A;;ROB;;;WD)", SDDL_REVISION_1, &pSD, NULL);
-    ok(!ret && GetLastError() == ERROR_INVALID_ACL,
-        "ConvertStringSecurityDescriptorToSecurityDescriptor should have failed with ERROR_INVALID_ACL instead of %d\n",
-        GetLastError());
+        SetLastError(0xdeadbeef);
+        ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
+            cssd[i].sidstring, cssd[i].revision, &pSD, NULL);
+        GLE = GetLastError();
+        ok(ret == cssd[i].ret, "(%02d) Expected %s (%d)\n", i, cssd[i].ret ? "success" : "failure", GLE);
+        if (!cssd[i].ret)
+            ok(GLE == cssd[i].GLE, "(%02d) Expected %d, got %d\n", i, cssd[i].GLE, GLE);
+        if (ret)
+            LocalFree(pSD);
+    }
 
     /* test behaviour with NULL parameters */
     SetLastError(0xdeadbeef);
@@ -2774,23 +2742,12 @@ static void test_ConvertStringSecurityDescriptor(void)
         GetLastError());
 
     /* test behaviour with empty strings */
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "", SDDL_REVISION_1, &pSD, NULL);
-    ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
-
     SetLastError(0xdeadbeef);
     ret = pConvertStringSecurityDescriptorToSecurityDescriptorW(
         Blank, SDDL_REVISION_1, &pSD, NULL);
     ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
 
     /* test ACE string SID */
-    SetLastError(0xdeadbeef);
-    ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
-        "D:(D;;GA;;;S-1-0-0)", SDDL_REVISION_1, &pSD, NULL);
-    ok(ret, "ConvertStringSecurityDescriptorToSecurityDescriptor failed with error %d\n", GetLastError());
-    LocalFree(pSD);
-
     SetLastError(0xdeadbeef);
     ret = pConvertStringSecurityDescriptorToSecurityDescriptorA(
         "D:(D;;GA;;;Nonexistent account)", SDDL_REVISION_1, &pSD, NULL);