AuditAccountLogon function
The AuditAccountLogon function produces an audit record that represents the mapping of a foreign principal name onto a Windows account.
Syntax
NTSTATUS AuditAccountLogon( _In_ ULONG AuditId, _In_ BOOLEAN Success, _In_ PUNICODE_STRING Source, _In_ PUNICODE_STRING ClientName, _In_ PUNICODE_STRING MappedName, _In_ NTSTATUS Status );
Parameters
- AuditId [in]
-
Security package–defined message identifier. This value is included in the audit record.
- Success [in]
-
Specifies whether the audit record is generated on success or failure of the logon.
- Source [in]
-
Pointer to a UNICODE_STRING specifying the source of the logon attempt.
- ClientName [in]
-
Pointer to a UNICODE_STRING specifying the client name.
- MappedName [in]
-
Pointer to a UNICODE_STRING containing the Windows account name to which the client name was mapped, if any.
- Status [in]
-
An NTSTATUS value specifying any error that occurred.
Return value
This function returns STATUS_SUCCESS.
Remarks
A pointer to the AuditAccountLogon function is available in the LSA_SECPKG_FUNCTION_TABLE structure received by the SpInitialize function.
Requirements
|
Minimum supported client |
Windows XP [desktop apps only] |
|---|---|
|
Minimum supported server |
Windows Server 2003 [desktop apps only] |
|
Header |
|
See also