Export (0) Print
Expand All
Expand Minimize

LsaRegisterLogonProcess function

The LsaRegisterLogonProcess function establishes a connection to the LSA server and verifies that the caller is a logon application.

Syntax


NTSTATUS LsaRegisterLogonProcess(
  _In_   PLSA_STRING LogonProcessName,
  _Out_  PHANDLE LsaHandle,
  _Out_  PLSA_OPERATIONAL_MODE SecurityMode
);

Parameters

LogonProcessName [in]

Pointer to an LSA_STRING structure identifying the logon application. This should be a printable name suitable for display to administrators. For example, the Windows logon application might use the name "User32LogonProcess". This name is used by the LSA during auditing. LsaRegisterLogonProcess does not check whether the name is already in use.

This string must not exceed 127 bytes.

LsaHandle [out]

Pointer that receives a handle used in future authentication function calls.

SecurityMode [out]

The value returned is not meaningful and should be ignored.

Return value

If the function succeeds, the return value is STATUS_SUCCESS.

If the function fails, the return value is an NTSTATUS code. The following are possible error codes.

Return codeDescription
STATUS_PORT_CONNECTION_REFUSED

The caller does not have the SeTcbPrivilege privilege, which is required to call this function.

You can set this privilege by calling LsaAddAccountRights.

STATUS_NAME_TOO_LONG

The specified logon process name exceeds 127 bytes.

 

For more information, see LSA Policy Function Return Values.

The LsaNtStatusToWinError function converts an NTSTATUS code to a Windows error code.

Remarks

This function must be called before a logon process may use any other logon authentication functions provided by the LSA.

The LsaRegisterLogonProcess function verifies that the application making the function call is a logon process by checking that it has the SeTcbPrivilege privilege set. It also opens the application's process for PROCESS_DUP_HANDLE access in anticipation of future LSA authentication calls. For more information, see DuplicateHandle.

When you have finished using the connection to the LSA server, delete the caller's logon application context and close the connection by calling the LsaDeregisterLogonProcess function.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Ntsecapi.h

Library

Secur32.lib

DLL

Secur32.dll

See also

LsaDeregisterLogonProcess
LsaAddAccountRights
LsaConnectUntrusted

 

 

Community Additions

ADD
Show:
© 2014 Microsoft