Export (0) Print
Expand All
Expand Minimize

AuditQueryGlobalSacl function

The AuditQueryGlobalSacl function retrieves a global system access control list (SACL) that delegates access to the audit messages. Updating the global SACL requires the SeSecurityPrivilege which protects the global SACL from being updated by any user without administrator privileges.

Syntax


BOOLEAN WINAPI AuditQueryGlobalSacl(
  _In_   PCWSTR ObjectTypeName,
  _Out_  PACL *Acl
);

Parameters

ObjectTypeName [in]

A pointer to a null-terminated string specifying the type of object being accessed. This parameter must be either "File" or "Key", depending on whether the object is a file or registry. This string appears in any audit message that the function generates.

Acl [out]

A pointer to an ACL structure that contains the SACL information. This should be freed later by calling the LocalFree function.

Return value

If the function succeeds, it returns TRUE.

If the function fails, it returns FALSE. To get extended error information, call GetLastError. GetLastError may return one of the following error codes defined in WinError.h.

Return code/valueDescription
ERROR_ACCESS_DENIED
5

The caller does not have the privilege or access rights necessary to call this function.

ERROR_INVALID_PARAMETER
87

One or more parameters are invalid.

 

Remarks

To successfully call this function, the caller must have SeSecurityPrivilege.

Requirements

Minimum supported client

Windows 7 [desktop apps only]

Minimum supported server

Windows Server 2008 R2 [desktop apps only]

Header

Ntsecapi.h

Library

Advapi32.lib

DLL

Advapi32.dll

Unicode and ANSI names

AuditQueryGlobalSaclW (Unicode) and AuditQueryGlobalSaclA (ANSI)

 

 

Community Additions

ADD
Show:
© 2014 Microsoft