3.1.5.5 OpenUsers (Opnum 4)

  • Article

The OpenUsers method is called by the client. In response, the server opens a handle to the HKEY_USERS predefined key.

 error_status_t OpenUsers(
   [in, unique] PREGISTRY_SERVER_NAME ServerName,
   [in] REGSAM samDesired,
   [out] PRPC_HKEY phKey
 );

ServerName: SHOULD be sent as NULL and MUST be ignored on receipt because the binding to the server is already complete at this stage.

samDesired: The bit field that describes the wanted security access for the key. It MUST be constructed from one or more of the values that are specified in section 2.2.3.

phKey: A pointer to an RPC context handle for the root key, HKEY_USERS, as specified in section 3.1.1.7. The handle is found in the handle table (HANDLETABLE).

Return Values: The method returns 0 (ERROR_SUCCESS) to indicate success; otherwise, it returns a nonzero error code, as specified in [MS-ERREF] section 2.2. The server SHOULD return without modification any error code encountered in servicing the client request.

The most common error codes are listed in the following table.

Return value/code

Description

0x00000005

ERROR_ACCESS_DENIED

Access is denied.

0x00000013

ERROR_WRITE_PROTECT

A read or write operation was attempted to a volume after it was dismounted. The server can no longer service registry requests because server shutdown has been initiated.

Server Operations

If the registry server can no longer service registry requests because server shutdown has been initiated (SHUTDOWNINPROGRESS is set to TRUE), the server MUST return ERROR_WRITE_PROTECT.

The server attempts to open the predefined key HKEY_USERS and return a handle to that key in the phKey parameter. The server MUST evaluate the security descriptor that is associated with the key against the access requested in the samDesired parameter.

If the caller is permitted to open the key, the server MUST return 0 to indicate success, and create a new valid context handle. The server MUST store the context handle value in the handle table (HANDLETABLE) along with a mapping to the HKEY_USERS key. The server MUST place a handle value (see 3.1.1.9) in the phKey parameter. If the caller does not have access, the server MUST return ERROR_ACCESS_DENIED. For more information about security descriptors, see 3.1.1.10.

The server MUST validate the value of the samDesired parameter set by the client. If the value of samDesired includes flags set which are not listed in section 2.2.3, the server MUST return ERROR_INVALID_PARAMETER.

The server MUST disregard the samDesired parameter if the samDesired parameter set by the client has bit 0x2 set, indicating permission to create a subkey. The server MUST not allow subkey creation in certain locations of the registry hierarchy. These restrictions are detailed within the Server Operations section of the BaseRegCreateKey method.