SpInitialize function

The SpInitialize function is called once by the Local Security Authority (LSA) to provide a security package with general security information and a dispatch table of support functions. The security package should save the information and do internal initialization processing, if any is needed.


NTSTATUS SpInitialize(
  _In_ ULONG_PTR                  PackageId,
  _In_ PSECPKG_PARAMETERS         Parameters,


PackageId [in]

A unique identifier the LSA assigns to each security package. The value is valid until the system is restarted.

Parameters [in]

A pointer to a SECPKG_PARAMETERS structure containing primary domain and machine state information.

FunctionTable [in]

Pointer to a table of LSA support functions that a security package can call.

Return value

If the function succeeds, return STATUS_SUCCESS, or an informational status code.

If the function fails, return an NTSTATUS error code indicating the reason it failed. For more information, see Remarks.


If SpInitialize returns an NTSTATUS error code to the LSA, the package will be unloaded, and the Local Security Authority (LSA) will not include it in the list of available security packages.

SSP/APs must implement the SpInitialize function; however, the actual name given to the implementation is up to the developer.

A pointer to the SSP/AP's implementation of the SpInitialize function must be in the SECPKG_FUNCTION_TABLE structure passed to the LSA from the SpLsaModeInitialize function.


Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]



See also