3.1.4.1.94 FAX_SetSecurity (Opnum 24)

Article
04/06/2021

The FAX_SetSecurity (Opnum 24) method is called by the client. On success, the server MUST set the fax server's security descriptor.

Protocol version FAX_API_VERSION_3 (0x00030000) fax servers SHOULD fail this call by returning ERROR_NOT_SUPPORTED (0x00000032). The fax client SHOULD NOT call this method if the protocol version reported by the server is FAX_API_VERSION_3 (0x00030000). For more information, see FAX_ConnectFaxServer (section 3.1.4.1.10). The fax client SHOULD call FAX_SetSecurityEx2 (section 3.1.4.1.95) instead.

 error_status_t FAX_SetSecurity(
   [in] handle_t hBinding,
   [in] SECURITY_INFORMATION SecurityInformation,
   [in, unique, size_is(dwBufferSize)] 
     const LPBYTE pSecurityDescriptor,
   [in, range(0,FAX_MAX_RPC_BUFFER)] 
     DWORD dwBufferSize
 );

hBinding: The RPC binding handle for this call. The client SHOULD reuse the RPC binding handle used as an input hBinding argument for the FAX_ConnectFaxServer or FAX_ConnectionRefCount (section 3.1.4.1.11) method call used to connect to the fax server.

SecurityInformation: Identifies the components that are included in the security descriptor. The value of this parameter is a bitwise OR combination of SECURITY_INFORMATION ([MS-DTYP] section 2.4.7) constant values.

pSecurityDescriptor: A pointer to a SECURITY_DESCRIPTOR ([MS-DTYP] section 2.4.6) structure to be set.

dwBufferSize: A variable to indicate the size, in bytes, of the pSecurityDescriptor security descriptor buffer. The maximum size is FAX_MAX_RPC_BUFFER (section 2.2.82).

Return Values: This method MUST return 0x00000000 (ERROR_SUCCESS) for success; otherwise, it MUST return one of the following error codes, one of the fax-specific errors that are defined in section 2.2.52, or one of the other standard errors defined in [MS-ERREF] section 2.2.

Return value/code	Description
ERROR_ACCESS_DENIED 0x00000005	Access is denied. The client's fax user account does not have the access rights required for this operation. This error code is returned under any of the following conditions, listed by required access right: § WRITE_OWNER, when the fax server is a FAX_API_VERSION_1 server and the SecurityInformation parameter contains the OWNER_SECURITY_INFORMATION value. § WRITE_DAC, when the fax server is a FAX_API_VERSION_1 server and SecurityInformation contains the GROUP_SECURITY_INFORMATION or DACL_SECURITY_INFORMATION values. § READ_CONTROL, when the fax server is a FAX_API_VERSION_2 server and SecurityInformation contains the GROUP_SECURITY_INFORMATION, DACL_SECURITY_INFORMATION, or OWNER_SECURITY_INFORMATION values. § ACCESS_SYSTEM_SECURITY, when SecurityInformation contains the SACL_SECURITY_INFORMATION value.
ERROR_INVALID_DATA 0x0000000D	The data contained in the buffer specified by the pSecurityDescriptor parameter is not a valid SECURITY_DESCRIPTOR.
ERROR_NOT_SUPPORTED 0x00000032	The fax server does not support this operation. This error SHOULD be returned by FAX_API_VERSION_3 servers.
ERROR_INVALID_PARAMETER 0x00000057	The parameter is incorrect. This error code is returned under any of the following conditions: § pSecurityInformation is set to a NULL pointer value. § The dwBufferSize parameter is set to a value of 0.
ERROR_REGISTRY_CORRUPT 0x000003F7	The registry is corrupted. The structure of one of the files containing registry data is corrupted, or the system's memory image of the file is corrupted, or the file could not be recovered because the alternate copy or log was absent or corrupted.

Return value/code

Description

ERROR_ACCESS_DENIED

0x00000005

Access is denied. The client's fax user account does not have the access rights required for this operation. This error code is returned under any of the following conditions, listed by required access right:

§ WRITE_OWNER, when the fax server is a FAX_API_VERSION_1 server and the SecurityInformation parameter contains the OWNER_SECURITY_INFORMATION value.

§ WRITE_DAC, when the fax server is a FAX_API_VERSION_1 server and SecurityInformation contains the GROUP_SECURITY_INFORMATION or DACL_SECURITY_INFORMATION values.

§ READ_CONTROL, when the fax server is a FAX_API_VERSION_2 server and SecurityInformation contains the GROUP_SECURITY_INFORMATION, DACL_SECURITY_INFORMATION, or OWNER_SECURITY_INFORMATION values.

§ ACCESS_SYSTEM_SECURITY, when SecurityInformation contains the SACL_SECURITY_INFORMATION value.

ERROR_INVALID_DATA

0x0000000D

The data contained in the buffer specified by the pSecurityDescriptor parameter is not a valid SECURITY_DESCRIPTOR.

ERROR_NOT_SUPPORTED

0x00000032

The fax server does not support this operation. This error SHOULD be returned by FAX_API_VERSION_3 servers.

ERROR_INVALID_PARAMETER

0x00000057

The parameter is incorrect. This error code is returned under any of the following conditions:

§ pSecurityInformation is set to a NULL pointer value.

§ The dwBufferSize parameter is set to a value of 0.

ERROR_REGISTRY_CORRUPT

0x000003F7

The registry is corrupted. The structure of one of the files containing registry data is corrupted, or the system's memory image of the file is corrupted, or the file could not be recovered because the alternate copy or log was absent or corrupted.

Exceptions Thrown: No exceptions are thrown except those that are thrown by the underlying RPC protocol, [MS-RPCE].

The server MUST validate that the client has the following credentials to set security on the server.

Action	Authorization
To set security information on the object owned by the client	The right to change the owner in the object's security descriptor (WRITE_OWNER).
To set group security information	The right to modify the discretionary access control list (DACL) in the object's security descriptor (WRITE_DAC).
To set system-wide security information	The right to modify the system access control list (SACL) in the object's security descriptor (ACCESS_SYSTEM_SECURITY).

Share via

3.1.4.1.94 FAX_SetSecurity (Opnum 24)

Additional resources