WLAN_SECURABLE_OBJECT enumeration

The WLAN_SECURABLE_OBJECT enumerated type defines the securable objects used by Native Wifi Functions.

These objects can be secured using WlanSetSecuritySettings. The current permissions associated with these objects can be retrieved using WlanGetSecuritySettings. For more information about the use of securable objects, see How DACLs Control Access to an Object.

Syntax


typedef enum _WLAN_SECURABLE_OBJECT { 
  wlan_secure_permit_list                     = 0,
  wlan_secure_deny_list                       = 1,
  wlan_secure_ac_enabled                      = 2,
  wlan_secure_bc_scan_enabled                 = 3,
  wlan_secure_bss_type                        = 4,
  wlan_secure_show_denied                     = 5,
  wlan_secure_interface_properties            = 6,
  wlan_secure_ihv_control                     = 7,
  wlan_secure_all_user_profiles_order         = 8,
  wlan_secure_add_new_all_user_profiles       = 9,
  wlan_secure_add_new_per_user_profiles       = 10,
  wlan_secure_media_streaming_mode_enabled    = 11,
  wlan_secure_current_operation_mode          = 12,
  wlan_secure_get_plaintext_key               = 13,
  wlan_secure_hosted_network_elevated_access  = 14,
  wlan_secure_virtual_station_extensibility   = 15,
  wlan_secure_wfd_elevated_access             = 16
} WLAN_SECURABLE_OBJECT, *PWLAN_SECURABLE_OBJECT;

Constants

wlan_secure_permit_list

The permissions for modifying the permit list for user profiles.

The discretionary access control lists (DACL) associated with this securable object is retrieved when either WlanGetFilterList or WlanSetFilterList is called with wlanFilterListType set to wlan_filter_list_type_user_permit. For the WlanGetFilterList call to succeed, the DACL must contain an access control entry (ACE) that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetFilterList call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_deny_list

The permissions for modifying the deny list for user profiles. The auto config service will not establish a connection to a network on the deny list.

The DACL associated with this securable object is retrieved when either WlanGetFilterList or WlanSetFilterList is called with wlanFilterListType set to wlan_filter_list_type_user_deny. For the WlanGetFilterList call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetFilterList call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_ac_enabled

The permissions for enabling the auto config service.

The DACL associated with this securable object is retrieved when either WlanQueryInterface or WlanSetInterface is called with OpCode set to wlan_intf_opcode_autoconf_enabled. For the WlanQueryInterface call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetInterface call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_bc_scan_enabled

The permissions for enabling background scans.

The DACL associated with this securable object is retrieved when either WlanQueryInterface or WlanSetInterface is called with OpCode set to wlan_intf_opcode_background_scan_enabled. For the WlanQueryInterface call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetInterface call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_bss_type

The permissions for altering the basic service set type.

The DACL associated with this securable object is retrieved when either WlanQueryInterface or WlanSetInterface is called with OpCode set to wlan_intf_opcode_bss_type. For the WlanQueryInterface call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetInterface call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_show_denied

The permissions for modifying whether networks on the deny list appear in the available networks list.

The DACL associated with this securable object is retrieved when either WlanQueryAutoConfigParameter or WlanSetAutoConfigParameter is called with OpCode set to wlan_autoconf_opcode_show_denied_networks. For the WlanQueryAutoConfigParameter call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetAutoConfigParameter call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_interface_properties

The permissions for changing interface properties.

This is the generic securable object used by WlanQueryInterface or WlanSetInterface when another more specific securable object is not used. Its DACL is retrieved whenever WlanQueryInterface or WlanSetInterface is access token of the calling thread and the OpCode is set to a value other than wlan_intf_opcode_autoconf_enabled, wlan_intf_opcode_background_scan_enabled, wlan_intf_opcode_media_streaming_mode, wlan_intf_opcode_bss_type, or wlan_intf_opcode_current_operation_mode. The DACL is also not retrieved when OpCode is set to wlan_intf_opcode_radio_state and the caller is the console user.

For the WlanQueryInterface call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetInterface call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_ihv_control

The permissions for using the WlanIhvControl function for independent hardware vendor (IHV) control of WLAN drivers or services.

The DACL associated with this securable object is retrieved when WlanIhvControl is called. For the call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_all_user_profiles_order

The permissions for modifying the order of all-user profiles.

The DACL associated with this securable object is retrieved before WlanSetProfileList or WlanSetProfilePosition performs an operation that changes the relative order of all-user profiles in the profile list or moves an all-user profile to a lower position in the profile list. For either call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_add_new_all_user_profiles

The permissions for adding new all-user profiles.

Note  The security descriptor associated with this object is applied to new all-user profiles created.

The DACL associated with this securable object is retrieved when WlanSetProfile is called with dwFlags set to 0. For the call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_add_new_per_user_profiles

The permissions for adding new per-user profiles.

The DACL associated with this securable object is retrieved when WlanSetProfile is called with dwFlags set to WLAN_PROFILE_USER. For the call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_media_streaming_mode_enabled

The permissions for setting or querying the media streaming mode.

The DACL associated with this securable object is retrieved when either WlanQueryInterface or WlanSetInterface is called with OpCode set to wlan_intf_opcode_media_streaming_mode. For the WlanQueryInterface call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetInterface call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_current_operation_mode

The permissions for setting or querying the operation mode of the wireless interface.

The DACL associated with this securable object is retrieved when either WlanQueryInterface or WlanSetInterface is called with OpCode set to wlan_intf_opcode_current_operation_mode. For the WlanQueryInterface call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetInterface call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread.

wlan_secure_get_plaintext_key

The permissions for retrieving the plain text key from a wireless profile.

The DACL associated with this securable object is retrieved when the WlanGetProfile function is called with the WLAN_PROFILE_GET_PLAINTEXT_KEY flag set in the value pointed to by the pdwFlags parameter on input. For the WlanGetProfile call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. By default, the permissions for retrieving the plain text key is allowed only to the members of the Administrators group on a local computer.

Windows 7:  This value is an extension to native wireless APIs added on Windows 7 and later.

wlan_secure_hosted_network_elevated_access

The permissions that have elevated access to call the privileged Hosted Network functions.

The DACL associated with this securable object is retrieved when the WlanHostedNetworkSetProperty function is called with the OpCode parameter set to wlan_hosted_network_opcode_enable. For the WlanHostedNetworkSetProperty call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. By default, the permission to set the wireless Hosted Network property to wlan_hosted_network_opcode_enable is allowed only to the members of the Administrators group on a local computer.

The DACL associated with this securable object is retrieved when the WlanHostedNetworkForceStart function is called. For the WlanHostedNetworkForceStart call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. By default, the permission to force start the wireless Hosted Network is allowed only to the members of the Administrators group on a local computer.

Windows 7:  This value is an extension to native wireless APIs added on Windows 7 and later.

wlan_secure_virtual_station_extensibility

Windows 7:  This value is an extension to native wireless APIs added on Windows 7 and later.

wlan_secure_wfd_elevated_access

This value is reserved for internal use by the Wi-Fi Direct service.

Windows 8:  This value is an extension to native wireless APIs added on Windows 8 and later.

Remarks

These objects can be secured using WlanSetSecuritySettings. The current permissions associated with these objects can be retrieved using WlanGetSecuritySettings. For more information about the use of securable objects, see How DACLs Control Access to an Object and Native Wifi API Permissions.

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Header

Wlanapi.h

See also

How DACLs Control Access to an Object
Native Wifi API Permissions
WlanGetFilterList
WlanGetProfile
WlanHostedNetworkForceStart
WlanHostedNetworkSetProperty
WlanIhvControl
WlanQueryAutoConfigParameter
WlanQueryInterface
WlanSetAutoConfigParameter
WlanSetFilterList
WlanSetInterface
WlanSetInterface
WlanSetProfile
WlanSetProfileList
WlanSetProfilePosition

 

 

Community Additions

ADD
Show:
© 2014 Microsoft