|
Overview |
|
|
|
Group |
|
|
|
Quick Info
Windows NT
| Yes
| Win95
| No
| Win32s
| No
| Import Library
| advapi32.lib
| Header File
| winbase.h
| Unicode
| WinNT
| Platform Notes
| None
|
|
|
PrivilegedServiceAuditAlarm
The PrivilegedServiceAuditAlarm function generates audit messages when an attempt is made to perform
privileged system service operations. Alarms are not supported in the current version
of Windows NT.
BOOL PrivilegedServiceAuditAlarm(
LPCTSTR SubsystemName,
| // address of string for subsystem name
| LPCTSTR ServiceName,
| // address of string for service name
| HANDLE ClientToken,
| // handle of access token
| PPRIVILEGE_SET Privileges,
| // address of privileges
| BOOL AccessGranted
| // flag for granted access rights
| );
|
|
Parameters
SubsystemName
Points to a null-terminated string specifying the name of the subsystem
calling the function, such as "DEBUG" or "WIN32".
ServiceName
Points to a null-terminated string specifying the name of the privileged
subsystem service. For example, "RESET RUNTIME LOCAL SECURITY POLICY" might be
specified by a local security authority service used to update the local security
policy database.
ClientToken
Identifies an access token representing the client that requested the
operation. This handle must have been obtained by opening the token of a thread
impersonating the client. The token must be open for TOKEN_QUERY access.
Privileges
Points to a PRIVILEGE_SET structure containing the privileges required to perform the operation. The
information in this structure is supplied by a call to the PrivilegeCheck function.
AccessGranted
Specifies a flag indicating whether access was granted or denied in a previous
call to an access-checking function, such as PrivilegeCheck. If access is granted, this flag is TRUE. If access is denied, it is FALSE.
Return Values
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error
information, call GetLastError.
Remarks
The PrivilegedServiceAuditAlarm function requires the calling process to have SE_AUDIT_NAME privilege. The
test for this privilege is always performed against the primary token of the
calling process. This allows the calling process to impersonate a client during the
call.
See Also
AccessCheck, AccessCheckAndAuditAlarm, AreAllAccessesGranted, AreAnyAccessesGranted, MapGenericMask, ObjectCloseAuditAlarm, ObjectDeleteAuditAlarm, ObjectOpenAuditAlarm, ObjectPrivilegeAuditAlarm, PrivilegeCheck, PRIVILEGE_SET
Related Links
Software for Delphi and C++ Builder developers
Software for Visual Studio .NET developers
Software for Visual Basic 6 developers
Delphi Tips&Tricks
MegaDetailed.NET
TMS Scripter Studio Pro components for Delphi/C++Builder
More Online Helps
Win32 Multimedia Programmer's Reference (mmedia.hlp)
OLE Programmer's Reference (ole.hlp)
Microsoft Windows Pen API Programmer's Reference (penapi.hlp)
Microsoft Windows Sockets 2 Reference (sock2.hlp)
Microsoft Windows Telephony API (TAPI) Programmer's Reference (tapi.hlp)
Unix Manual Pages
|
