Export (0) Print
Expand All
Expand Minimize
This topic has not yet been rated - Rate this topic

AddAuditAccessAce function

The AddAuditAccessAce function adds a system-audit access control entry (ACE) to a system access control list (ACL). The access of a specified security identifier (SID) is audited.

To control whether the new ACE can be inherited by child objects, use the AddAuditAccessAceEx function.

Syntax


BOOL WINAPI AddAuditAccessAce(
  _Inout_  PACL pAcl,
  _In_     DWORD dwAceRevision,
  _In_     DWORD dwAccessMask,
  _In_     PSID pSid,
  _In_     BOOL bAuditSuccess,
  _In_     BOOL bAuditFailure
);

Parameters

pAcl [in, out]

A pointer to an ACL. This function adds a system-audit ACE to this ACL. The ACE is in the form of a SYSTEM_AUDIT_ACE structure.

dwAceRevision [in]

Specifies the revision level of the ACL being modified. This value can be ACL_REVISION or ACL_REVISION_DS. Use ACL_REVISION_DS if the ACL contains object-specific ACEs.

dwAccessMask [in]

Specifies the mask of access rights to be audited for the specified SID.

pSid [in]

A pointer to the SID representing the process whose access is being audited.

bAuditSuccess [in]

Specifies whether successful access attempts are to be audited. Set this flag to TRUE to enable auditing; otherwise, set it to FALSE.

bAuditFailure [in]

Specifies whether unsuccessful access attempts are to be audited. Set this flag to TRUE to enable auditing; otherwise, set it to FALSE.

Return value

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError. The following are possible error values.

Return codeDescription
ERROR_ALLOTTED_SPACE_EXCEEDED

The new ACE does not fit into the ACL. A larger ACL buffer is required.

ERROR_INVALID_ACL

The specified ACL is not properly formed.

ERROR_INVALID_SID

The specified SID is not structurally valid.

ERROR_REVISION_MISMATCH

The specified revision is not known or is incompatible with that of the ACL.

ERROR_SUCCESS

The ACE was successfully added.

 

Remarks

The ACE_HEADER structure placed in the ACE by the AddAuditAccessAce function specifies a type and size, but provides no ACE flags.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Winbase.h (include Windows.h)

Library

Advapi32.lib

DLL

Advapi32.dll

See also

Low-level Access Control
Low-level Access Control Functions
ACE_HEADER
AddAccessAllowedAce
AddAccessDeniedAce
AddAce
AddAuditAccessAceEx
DeleteAce
GetAce
SYSTEM_AUDIT_ACE

 

 

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.