please dont rip this site Prev Next

SetNamedSecurityInfoEx info  Overview  Group

[This is a preview of an interface that may appear in future releases of Windows.]

The SetNamedSecurityInfoEx function sets the specified security information for an object specified by name.

SetNamedSecurityInfoEx differs from the SetNamedSecurityInfo function in that it allows you to set access-control information for the properties on an object, as well as for the object itself. In addition, SetNamedSecurityInfoEx uses provider-independent access flags, but SetNamedSecurityInfo uses Windows NT-specific access flags.

DWORD SetNamedSecurityInfoEx(

    LPCTSTR lpObject,

// name of the object

    SE_OBJECT_TYPE ObjectType,

// type of object

    SECURITY_INFORMATION SecurityInfo,

// type of security information to set

    LPCTSTR lpProvider,

// name of provider to handle request

    PACTRL_ACCESS pAccessList,

// pointer to the DACL information

    PACTRL_AUDIT pAuditList,

// pointer to the SACL information

    LPTSTR lpOwner,

// name of the object’s owner

    LPTSTR lpGroup,

// name of the object’s primary group

    PACTRL_OVERLAPPED pOverlapped

// pointer to a structure for asynchronous operation

   );

Parameters

lpObject
Pointer to a null-terminated string that specifies the name of the object on which to set security information. For descriptions of the string formats for the different object types, see SE_OBJECT_TYPE.
ObjectType
Specifies a value from the SE_OBJECT_TYPE enumeration that indicates the type of object named by the lpObject parameter.
SecurityInfo
A set of SECURITY_INFORMATION bit flags that indicate the type of security information to set. This parameter can be a combination of the following values.

Value

Meaning

OWNER_SECURITY_INFORMATION

Set the object’s owner. The lpOwner parameter points to the new name of the object’s owner.

GROUP_SECURITY_INFORMATION

Set the object’s primary group. The lpGroup parameter points to the new name of the object’s primary group.

DACL_SECURITY_INFORMATION

Set the discretionary access-control list (DACL) for the object. The pAccessList parameter points to a structure containing new access-control information for the object. For DS objects, the pAccessList buffer can also contain access-control information for any properties on the object.

SACL_SECURITY_INFORMATION

Set the system access-control list (SACL) for the object. The pAuditList parameter points to a structure containing new audit-control information for the object. For DS objects, the pAuditList buffer can also contain audit-control information for any properties on the object.

lpProvider
Pointer to a null-terminated string that specifies the name of the provider to handle the request. If this parameter is NULL, the system determines the proper provider to handle the request.
pAccessList
Pointer to an ACTRL_ACCESS structure containing the new access-control information for the object’s DACL. For DS objects, the structure can also contain access-control information for the object’s properties. The SecurityInfo parameter must include the DACL_SECURITY_INFORMATION flag. The caller must have WRITE_DAC access to the object or be the object’s owner. This parameter can be NULL if you are not setting the DACL.
pAuditList
Pointer to an ACTRL_AUDIT structure containing the new audit-control information for the object’s SACL. For DS objects, the structure can also contain audit-control information for the object’s properties. The SecurityInfo parameter must include the SACL_SECURITY_INFORMATION flag. The caller must have the SE_SECURITY_NAME privilege enabled. This parameter can be NULL if you are not setting the SACL.
lpOwner
Pointer to a null-terminated string containing the new name of the object’s owner. The function attempts to convert the name to an SID. The SecurityInfo parameter must include the OWNER_SECURITY_INFORMATION flag. The caller must have WRITE_OWNER access to the object or have the SE_TAKE_OWNERSHIP_NAME privilege enabled. This parameter can be NULL if you are not setting the owner SID.

The function uses a NULL owner for objects on systems other than Windows NT that do not support object owners.

lpGroup
Pointer to a null-terminated string containing the name of the object’s primary group. The SecurityInfo parameter must include the GROUP_SECURITY_INFORMATION flag. This parameter can be NULL if you are not setting the primary group SID.

The function uses a NULL primary group for objects on systems other than Windows NT that do not support object groups.

pOverlapped
Pointer to an ACTRL_OVERLAPPED structure. If this parameter is non-NULL, the function returns immediately and the set operation is performed asynchronously. SetNamedSecurityInfoEx returns a handle to an event object in the hEvent member of this structure. The system sets this event object to the signaled state when the operation has been completed.

If this parameter is NULL, the function is performed synchronously and does not return until the operation has been completed. Note that a synchronous operation can take an extended period of time and cannot be cancelled.

Return Values

If the function succeeds, the return value is ERROR_SUCCESS. If the pOverlapped parameter was NULL, the function successfully set the specified security information. If pOverlapped was not NULL, the function started the asynchronous operation.

If the function fails, the return value can be one of the following error codes.

Value

Meaning

ERROR_BAD_PROVIDER

The lpProvider parameter specified an invalid provider name.

ERROR_INVALID_PARAMETER

An invalid parameter was specified.

ERROR_NOT_ENOUGH_MEMORY

A memory allocation failed

Remarks

If the pOverlapped parameter is points to a valid ACTRL_OVERLAPPED structure, SetNamedSecurityInfoEx returns immediately and returns a handle to an event object in the hEvent member of the ACTRL_OVERLAPPED structure. The system sets this event object to the signaled state when the operation has been completed. You can call the GetOverlappedAccessResults function to wait for the operation to be completed and retrieve the results of the asynchronous operation. Alternatively, you can call one of the wait functions, such as WaitForSingleObject, to wait for the event object to be signaled, and then call GetOverlappedAccessResults to determine the results of the operation. The wait functions also allow you to specify a time-out interval; if the interval elapses before the event is signaled, you can call the CancelOverlappedAccess function to cancel the asynchronous operation. If the pOverlapped parameter is NULL, the operation is performed synchronously.

To set the security information for a DS object and all its properties, specify SE_DS_OBJECT in the ObjectType parameter and use the pAccessList and pAuditList parameters to specify the security information. Set the pPropertyAccessList member of the ACTRL_ACCESS or ACTRL_AUDIT structure to point to an array of ACTRL_PROPERTY_ENTRY structures. Use one ACTRL_PROPERTY_ENTRY structure to specify access-control information for the object, and additional structures to specify information for each property that requires explicit security. Properties that are not explicitly identified in the array of ACTRL_PROPERTY_ENTRY structures are protected only by the object’s access control.

For file, registry, and DS objects, the SetNamedSecurityInfoEx function can propagate access-control information to the child objects of the specified object. This can occur when the child objects inherit access-control entries from their parent object. This propagation can be time consuming, so you might want to perform it as an asynchronous operation.

Currently, the import library for the SetNamedSecurityInfoEx function is ACCSRC.LIB. This is temporary. Eventually, the import library will be ADVAPI32.LIB. Meanwhile, any source code that links with the ACCSRC.LIB library must call the AccProvInit macro as follows: 

    DWORD dwErrcode;



    AccProvInit(dwErrcode);

    if(dwErrcode != ERROR_SUCCESS)

    {

         // Consider this an error...

    }

 

See Also

ACTRL_ACCESS, ACTRL_AUDIT, ACTRL_PROPERTY_ENTRY, GetNamedSecurityInfoEx, GetSecurityInfoEx, SE_OBJECT_TYPE, SECURITY_INFORMATION, SetSecurityInfoEx

file: /Techref/os/win/api/win32/func/src/f80_11.htm, 13KB, , updated: 2000/4/7 11:19, local time: 2024/11/8 01:46,
TOP NEW HELP FIND: 
18.117.254.221:LOG IN
©2024 PLEASE DON'T RIP! THIS SITE CLOSES OCT 28, 2024 SO LONG AND THANKS FOR ALL THE FISH!
 ©2024 These pages are served without commercial sponsorship. (No popup ads, etc...).Bandwidth abuse increases hosting cost forcing sponsorship or shutdown. This server aggressively defends against automated copying for any reason including offline viewing, duplication, etc... Please respect this requirement and DO NOT RIP THIS SITE. Questions?
Please DO link to this page! Digg it! / MAKE!

<A HREF="http://linistepper.com/techref/os/win/api/win32/func/src/f80_11.htm"> SetNamedSecurityInfoEx</A>
After you find an appropriate page, you are invited to your to this massmind site! (posts will be visible only to you before review) Just type a nice message (short messages are blocked as spam) in the box and press the Post button. (HTML welcomed, but not the <A tag: Instead, use the link box to link to another page. A tutorial is available Members can login to post directly, become page editors, and be credited for their posts.


Link? Put it here: 
if you want a response, please enter your email address: 
Attn spammers: All posts are reviewed before being made visible to anyone other than the poster.
Did you find what you needed?