ObjectDeleteAuditAlarm function
The ObjectDeleteAuditAlarm function generates audit messages when an object is deleted. Alarms are not currently supported.
Syntax
BOOL WINAPI ObjectDeleteAuditAlarm( _In_ LPCTSTR SubsystemName, _In_ LPVOID HandleId, _In_ BOOL GenerateOnClose );
Parameters
- SubsystemName [in]
-
A pointer to a null-terminated string specifying the name of the subsystem calling the function. This string appears in any audit message that the function generates.
- HandleId [in]
-
Specifies a unique value representing the client's handle to the object. This must be the same value that was passed to the AccessCheckAndAuditAlarm or ObjectOpenAuditAlarm function.
- GenerateOnClose [in]
-
Specifies a flag set by a call to the AccessCheckAndAuditAlarm or ObjectOpenAuditAlarm function when the object handle is created.
Return value
If the function succeeds, the return value is a nonzero value.
If the function fails, the return value is zero. To get extended error information, call GetLastError.
Remarks
The ObjectDeleteAuditAlarm function requires the calling application to have the SE_AUDIT_NAME privilege enabled. The test for this privilege is always performed against the primary token of the calling process, allowing the calling process to impersonate a client.
Requirements
|
Minimum supported client |
Windows XP [desktop apps only] |
|---|---|
|
Minimum supported server |
Windows Server 2003 [desktop apps only] |
|
Header |
|
|
Library |
|
|
DLL |
|
|
Unicode and ANSI names |
ObjectDeleteAuditAlarmW (Unicode) and ObjectDeleteAuditAlarmA (ANSI) |
See also
- Client/Server Access Control
- Client/Server Access Control Functions
- AccessCheck
- AccessCheckAndAuditAlarm
- AreAllAccessesGranted
- AreAnyAccessesGranted
- MapGenericMask
- ObjectCloseAuditAlarm
- ObjectOpenAuditAlarm
- ObjectPrivilegeAuditAlarm
- PrivilegeCheck
- PrivilegedServiceAuditAlarm