PRIVILEGE_SET structure (winnt.h)

The PRIVILEGE_SET structure specifies a set of privileges. It is also used to indicate which, if any, privileges are held by a user or group requesting access to an object.

Syntax

typedef struct _PRIVILEGE_SET {
  DWORD               PrivilegeCount;
  DWORD               Control;
  LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY];
} PRIVILEGE_SET, *PPRIVILEGE_SET;

Members

PrivilegeCount

Specifies the number of privileges in the privilege set.

Control

Specifies a control flag related to the privileges. The PRIVILEGE_SET_ALL_NECESSARY control flag is currently defined. It indicates that all of the specified privileges must be held by the process requesting access. If this flag is not set, the presence of any privileges in the user's access token grants the access.

Privilege[ANYSIZE_ARRAY]

Specifies an array of LUID_AND_ATTRIBUTES structures describing the set's privileges. The following attributes are defined for privileges.

Value	Meaning
SE_PRIVILEGE_ENABLED_BY_DEFAULT	The privilege is enabled by default.
SE_PRIVILEGE_ENABLED	The privilege is enabled.
SE_PRIVILEGE_USED_FOR_ACCESS	The privilege was used to gain access to an object or service. This flag is used to identify the relevant privileges in a set passed by a client application that may contain unnecessary privileges.

Remarks

A privilege is used to control access to an object or service more strictly than is typical with discretionary access control. A system manager uses privileges to control which users are able to manipulate system resources. An application uses privileges when it changes a system-wide resource, such as when it changes the system time or shuts down the system.

Requirements

Requirement	Value
Minimum supported client	Windows XP [desktop apps only]
Minimum supported server	Windows Server 2003 [desktop apps only]
Header	winnt.h (include Windows.h)

See also

LUID

LUID_AND_ATTRIBUTES

PrivilegeCheck