ApiSetKeySecurity (Opnum 39)

(Protocol Version 2) The ApiSetKeySecurity method modifies any or all components of the security descriptor for the designated cluster key.

The server MUST accept an ApiSetKeySecurity request for processing only if it is in the read/write state, as specified in section 3.1.1.

 error_status_t ApiSetKeySecurity(
   [in] HKEY_RPC hKey,
   [in] DWORD SecurityInformation,
   [in] PRPC_SECURITY_DESCRIPTOR pRpcSecurityDescriptor

hKey: The RPC context handle for a key that was previously obtained by a call to ApiGetRootKey, ApiCreateKey, or ApiOpenKey.

SecurityInformation: A bitmask, as described in [MS-RRP] section 2.2.10, that indicates which components of the security descriptor designated pRpcSecurityDescriptor are used to modify the key's security descriptor.

pRpcSecurityDescriptor: A pointer to an RPC_SECURITY_DESCRIPTOR structure, as specified in section, that contains the security attributes for the designated key.

Return Values: The method MUST return the following error codes for the specified conditions.

Return value/code







The hKey parameter does not represent a valid HKEY_RPC context handle.



The RPC_SECURITY_DESCRIPTOR data structure identified by the pRpcSecurityDescriptor parameter does not contain a valid security descriptor in self-relative form, as specified in [MS-DTYP] section 2.4.6.

For any other condition, the server MUST set Status to a value that is not one of the values listed in the preceding table. The client MUST treat all values not listed in the preceding table the same, except as specified in section