The PrivilegedServiceAuditAlarm function generates audit messages when an attempt is made to perform privileged system service operations. Alarms are not supported in the current version of Windows NT.
BOOL PrivilegedServiceAuditAlarm(
LPCTSTR SubsystemName, |
// address of string for subsystem name |
LPCTSTR ServiceName, |
// address of string for service name |
HANDLE ClientToken, |
// handle of access token |
PPRIVILEGE_SET Privileges, |
// address of privileges |
BOOL AccessGranted |
// flag for granted access rights |
); |
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError.
The PrivilegedServiceAuditAlarm function requires the calling process to have SE_AUDIT_NAME privilege. The test for this privilege is always performed against the primary token of the calling process. This allows the calling process to impersonate a client during the call.
AccessCheck, AccessCheckAndAuditAlarm, AreAllAccessesGranted, AreAnyAccessesGranted, MapGenericMask, ObjectCloseAuditAlarm, ObjectDeleteAuditAlarm, ObjectOpenAuditAlarm, ObjectPrivilegeAuditAlarm, PrivilegeCheck, PRIVILEGE_SET
file: /Techref/os/win/api/win32/func/src/f68_14.htm, 4KB, , updated: 2000/4/7 11:19, local time: 2024/11/9 23:55,
52.14.0.59:LOG IN ©2024 PLEASE DON'T RIP! THIS SITE CLOSES OCT 28, 2024 SO LONG AND THANKS FOR ALL THE FISH!
|
©2024 These pages are served without commercial sponsorship. (No popup ads, etc...).Bandwidth abuse increases hosting cost forcing sponsorship or shutdown. This server aggressively defends against automated copying for any reason including offline viewing, duplication, etc... Please respect this requirement and DO NOT RIP THIS SITE. Questions? <A HREF="http://linistepper.com/Techref/os/win/api/win32/func/src/f68_14.htm"> PrivilegedServiceAuditAlarm</A> |
Did you find what you needed? |