WLAN_SECURABLE_OBJECT enumeration (wlanapi.h)
The WLAN_SECURABLE_OBJECT enumerated type defines the securable objects used by Native Wifi Functions.
These objects can be secured using WlanSetSecuritySettings. The current permissions associated with these objects can be retrieved using WlanGetSecuritySettings. For more information about the use of securable objects, see How DACLs Control Access to an Object.
Syntax
typedef enum _WLAN_SECURABLE_OBJECT {
wlan_secure_permit_list = 0,
wlan_secure_deny_list,
wlan_secure_ac_enabled,
wlan_secure_bc_scan_enabled,
wlan_secure_bss_type,
wlan_secure_show_denied,
wlan_secure_interface_properties,
wlan_secure_ihv_control,
wlan_secure_all_user_profiles_order,
wlan_secure_add_new_all_user_profiles,
wlan_secure_add_new_per_user_profiles,
wlan_secure_media_streaming_mode_enabled,
wlan_secure_current_operation_mode,
wlan_secure_get_plaintext_key,
wlan_secure_hosted_network_elevated_access,
wlan_secure_virtual_station_extensibility,
wlan_secure_wfd_elevated_access,
WLAN_SECURABLE_OBJECT_COUNT
} WLAN_SECURABLE_OBJECT, *PWLAN_SECURABLE_OBJECT;
Constants
wlan_secure_permit_listValue: 0 The permissions for modifying the permit list for user profiles. The discretionary access control lists (DACL) associated with this securable object is retrieved when either WlanGetFilterList or WlanSetFilterList is called with wlanFilterListType set to wlan_filter_list_type_user_permit. For the WlanGetFilterList call to succeed, the DACL must contain an access control entry (ACE) that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetFilterList call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_deny_listThe permissions for modifying the deny list for user profiles. The auto config service will not establish a connection to a network on the deny list. The DACL associated with this securable object is retrieved when either WlanGetFilterList or WlanSetFilterList is called with wlanFilterListType set to wlan_filter_list_type_user_deny. For the WlanGetFilterList call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetFilterList call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_ac_enabledThe permissions for enabling the auto config service. The DACL associated with this securable object is retrieved when either WlanQueryInterface or WlanSetInterface is called with OpCode set to wlan_intf_opcode_autoconf_enabled. For the WlanQueryInterface call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetInterface call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_bc_scan_enabledThe permissions for enabling background scans. The DACL associated with this securable object is retrieved when either WlanQueryInterface or WlanSetInterface is called with OpCode set to wlan_intf_opcode_background_scan_enabled. For the WlanQueryInterface call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetInterface call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_bss_typeThe permissions for altering the basic service set type. The DACL associated with this securable object is retrieved when either WlanQueryInterface or WlanSetInterface is called with OpCode set to wlan_intf_opcode_bss_type. For the WlanQueryInterface call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetInterface call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_show_deniedThe permissions for modifying whether networks on the deny list appear in the available networks list. The DACL associated with this securable object is retrieved when either WlanQueryAutoConfigParameter or WlanSetAutoConfigParameter is called with OpCode set to wlan_autoconf_opcode_show_denied_networks. For the WlanQueryAutoConfigParameter call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetAutoConfigParameter call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_interface_propertiesThe permissions for changing interface properties. This is the generic securable object used by WlanQueryInterface or WlanSetInterface when another more specific securable object is not used. Its DACL is retrieved whenever WlanQueryInterface or WlanSetInterface is access token of the calling thread and the OpCode is set to a value other than wlan_intf_opcode_autoconf_enabled, wlan_intf_opcode_background_scan_enabled, wlan_intf_opcode_media_streaming_mode, wlan_intf_opcode_bss_type, or wlan_intf_opcode_current_operation_mode. The DACL is also not retrieved when OpCode is set to wlan_intf_opcode_radio_state and the caller is the console user. For the WlanQueryInterface call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetInterface call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_ihv_controlThe permissions for using the WlanIhvControl function for independent hardware vendor (IHV) control of WLAN drivers or services. The DACL associated with this securable object is retrieved when WlanIhvControl is called. For the call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_all_user_profiles_orderThe permissions for modifying the order of all-user profiles. The DACL associated with this securable object is retrieved before WlanSetProfileList or WlanSetProfilePosition performs an operation that changes the relative order of all-user profiles in the profile list or moves an all-user profile to a lower position in the profile list. For either call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_add_new_all_user_profilesThe permissions for adding new all-user profiles. Note The security descriptor associated with this object is applied to new all-user profiles created. The DACL associated with this securable object is retrieved when WlanSetProfile is called with dwFlags set to 0. For the call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_add_new_per_user_profilesThe permissions for adding new per-user profiles. The DACL associated with this securable object is retrieved when WlanSetProfile is called with dwFlags set to WLAN_PROFILE_USER. For the call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_media_streaming_mode_enabledThe permissions for setting or querying the media streaming mode. The DACL associated with this securable object is retrieved when either WlanQueryInterface or WlanSetInterface is called with OpCode set to wlan_intf_opcode_media_streaming_mode. For the WlanQueryInterface call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetInterface call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_current_operation_modeThe permissions for setting or querying the operation mode of the wireless interface. The DACL associated with this securable object is retrieved when either WlanQueryInterface or WlanSetInterface is called with OpCode set to wlan_intf_opcode_current_operation_mode. For the WlanQueryInterface call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. For the WlanSetInterface call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. |
wlan_secure_get_plaintext_keyThe permissions for retrieving the plain text key from a wireless profile. The DACL associated with this securable object is retrieved when the WlanGetProfile function is called with the WLAN_PROFILE_GET_PLAINTEXT_KEY flag set in the value pointed to by the pdwFlags parameter on input. For the WlanGetProfile call to succeed, the DACL must contain an ACE that grants WLAN_READ_ACCESS permission to the access token of the calling thread. By default, the permissions for retrieving the plain text key is allowed only to the members of the Administrators group on a local computer. Windows 7: This value is an extension to native wireless APIs added on Windows 7 and later. |
wlan_secure_hosted_network_elevated_accessThe permissions that have elevated access to call the privileged Hosted Network functions. The DACL associated with this securable object is retrieved when the WlanHostedNetworkSetProperty function is called with the OpCode parameter set to wlan_hosted_network_opcode_enable. For the WlanHostedNetworkSetProperty call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. By default, the permission to set the wireless Hosted Network property to wlan_hosted_network_opcode_enable is allowed only to the members of the Administrators group on a local computer. The DACL associated with this securable object is retrieved when the WlanHostedNetworkForceStart function is called. For the WlanHostedNetworkForceStart call to succeed, the DACL must contain an ACE that grants WLAN_WRITE_ACCESS permission to the access token of the calling thread. By default, the permission to force start the wireless Hosted Network is allowed only to the members of the Administrators group on a local computer. Windows 7: This value is an extension to native wireless APIs added on Windows 7 and later. |
wlan_secure_virtual_station_extensibilityWindows 7: This value is an extension to native wireless APIs added on Windows 7 and later. |
wlan_secure_wfd_elevated_accessThis value is reserved for internal use by the Wi-Fi Direct service. Windows 8: This value is an extension to native wireless APIs added on Windows 8 and later. |
WLAN_SECURABLE_OBJECT_COUNT |
Remarks
These objects can be secured using WlanSetSecuritySettings. The current permissions associated with these objects can be retrieved using WlanGetSecuritySettings. For more information about the use of securable objects, see How DACLs Control Access to an Object and Native Wifi API Permissions.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista [desktop apps only] |
| Minimum supported server | Windows Server 2008 [desktop apps only] |
| Header | wlanapi.h |
See also
How DACLs Control Access to an Object
WlanSetInterface
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for