JNA API 5.12.1

Interface Advapi32

    Field Detail

      INSTANCE

        static final Advapi32 INSTANCE

        static final int LOGON_WITH_PROFILE
        LOGON_WITH_PROFILE: 0x00000001
        Log on, then load the user profile in the HKEY_USERS registry key.
        The function returns after the profile is loaded.
        Loading the profile can be time-consuming, so it is best to use this value only if you must access the information in the HKEY_CURRENT_USER registry key.
        Windows Server 2003: The profile is unloaded after the new process is terminated, whether or not it has created child processes.
        Windows XP: The profile is unloaded after the new process and all child processes it has created are terminated.
        static final int LOGON_NETCREDENTIALS_ONLY
        Log on, but use the specified credentials on the network only.
        The new process uses the same token as the caller, but the system creates a new logon session within LSA, and the process uses the specified credentials as the default credentials.
        This value can be used to create a process that uses a different set of credentials locally than it does remotely.
        This is useful in inter-domain scenarios where there is no trust relationship.
        The system does not validate the specified credentials.
        Therefore, the process can start, but it may not have access to network resources.
    Method Detail

      • GetUserNameW

        boolean GetUserNameW(char[] buffer,
                             IntByReference len)
        Retrieves the name of the user associated with the current thread.
        buffer - Buffer to receive the user's logon name.
        len - On input, the size of the buffer, on output the number of characters copied into the buffer, including the terminating null character.
        True if succeeded.
      • LookupAccountName

        boolean LookupAccountName(java.lang.String lpSystemName,
                                  java.lang.String lpAccountName,
                                  WinNT.PSID Sid,
                                  IntByReference cbSid,
                                  char[] ReferencedDomainName,
                                  IntByReference cchReferencedDomainName,
                                  PointerByReference peUse)
        Accepts the name of a system and anaccount as input and retrieves a security identifier (SID) for the account and the name of the domain on which the account was found.
        lpSystemName - Specifies the name of the system.
        lpAccountName - Specifies the account name.
        Sid - Receives the SID structure that corresponds to the account name pointed to by the lpAccountName parameter.
        cbSid - On input, this value specifies the size, in bytes, of the Sid buffer. If the function fails because the buffer is too small or if cbSid is zero, this variable receives the required buffer size.
        ReferencedDomainName - Receives the name of the domain where the account name is found.
        cchReferencedDomainName - On input, this value specifies the size, in TCHARs, of the ReferencedDomainName buffer. If the function fails because the buffer is too small, this variable receives the required buffer size, including the terminating null character.
        peUse - SID_NAME_USE enumerated type that indicates the type of the account when the function returns.
        True if the function was successful, False otherwise.
      • LookupAccountSid

        boolean LookupAccountSid(java.lang.String lpSystemName,
                                 WinNT.PSID Sid,
                                 char[] lpName,
                                 IntByReference cchName,
                                 char[] ReferencedDomainName,
                                 IntByReference cchReferencedDomainName,
                                 PointerByReference peUse)
        Retrieves the name of the account for this SID and the name of the first domain on which this SID is found.
        lpSystemName - Specifies the target computer.
        Sid - The SID to look up.
        lpName - Buffer that receives a null-terminated string that contains the account name that corresponds to the lpSid parameter.
        cchName - On input, specifies the size, in TCHARs, of the lpName buffer. If the function fails because the buffer is too small or if cchName is zero, cchName receives the required buffer size, including the terminating null character.
        ReferencedDomainName - Pointer to a buffer that receives a null-terminated string that contains the name of the domain where the account name was found.
        cchReferencedDomainName - On input, specifies the size, in TCHARs, of the lpReferencedDomainName buffer. If the function fails because the buffer is too small or if cchReferencedDomainName is zero, cchReferencedDomainName receives the required buffer size, including the terminating null character.
        peUse - Pointer to a variable that receives a SID_NAME_USE value that indicates the type of the account.
        If the function succeeds, the function returns nonzero. If the function fails, it returns zero. To get extended error information, call GetLastError.
      • ConvertSidToStringSid

        boolean ConvertSidToStringSid(WinNT.PSID Sid,
                                      PointerByReference StringSid)
        Convert a security identifier (SID) to a string format suitable for display, storage, or transmission.
        Sid - The SID structure to be converted.
        StringSid - Pointer to a variable that receives a pointer to a null-terminated SID string. To free the returned buffer, call the LocalFree function.
        true if the function was successful - call GetLastError() to check failure reason
      • ConvertStringSidToSid

        boolean ConvertStringSidToSid(java.lang.String StringSid,
                                      WinNT.PSIDByReference Sid)
        Convert a string-format security identifier (SID) into a valid, functional SID.
        StringSid - The string-format SID to convert.
        Sid - Receives a pointer to the converted SID. To free the returned buffer, call the LocalFree function.
        true if the function was successful - call GetLastError() to check failure reason
      • GetLengthSid

        int GetLengthSid(WinNT.PSID pSid)
        Returns the length, in bytes, of a valid security identifier (SID).
        pSid - A pointer to the SID structure whose length is returned.
        Length of the SID.
      • IsValidSid

        boolean IsValidSid(WinNT.PSID pSid)
        The IsValidSid function validates a security identifier (SID) by verifying that the revision number is within a known range, and that the number of subauthorities is less than the maximum.
        pSid - Pointer to the SID structure to validate. This parameter cannot be NULL.
        If the SID structure is valid, the return value is nonzero. If the SID structure is not valid, the return value is zero. There is no extended error information for this function; do not call GetLastError.
      • EqualSid

        boolean EqualSid(WinNT.PSID pSid1,
                         WinNT.PSID pSid2)
        he EqualSid function tests two security identifier (SID) values for equality. Two SIDs must match exactly to be considered equal.
        pSid1 - A pointer to the first SID structure to compare. This structure is assumed to be valid.
        pSid2 - A pointer to the second SID structure to compare. This structure is assumed to be valid.
        If the SID structures are equal, the return value is nonzero. If the SID structures are not equal, the return value is zero. To get extended error information, call GetLastError. If either SID structure is not valid, the return value is undefined.
      • IsWellKnownSid

        boolean IsWellKnownSid(WinNT.PSID pSid,
                               int wellKnownSidType)
        Compares a SID to a well known SID and returns TRUE if they match.
        pSid - SID to test.
        wellKnownSidType - Member of the WELL_KNOWN_SID_TYPE enumeration to compare with the SID at pSid.
        True if the SID is of a given well known type, false otherwise.
      • CreateWellKnownSid

        boolean CreateWellKnownSid(int wellKnownSidType,
                                   WinNT.PSID domainSid,
                                   WinNT.PSID pSid,
                                   IntByReference cbSid)
        The CreateWellKnownSid function creates a SID for predefined aliases.
        wellKnownSidType - Member of the WELL_KNOWN_SID_TYPE enumeration that specifies what the SID will identify.
        domainSid - Pointer to a SID that identifies the domain control to use when creating the SID. Pass NULL to use the local computer.
        pSid - Pointer to memory where CreateWellKnownSid will store the new SID.
        cbSid - Pointer to a DWORD that contains the number of bytes available at pSid. The CreateWellKnownSid function stores the number of bytes actually used at this location.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • InitializeSecurityDescriptor

        boolean InitializeSecurityDescriptor(WinNT.SECURITY_DESCRIPTOR pSecurityDescriptor,
                                             int dwRevision)
        The InitializeSecurityDescriptor function initializes a new security descriptor.
        pSecurityDescriptor - A pointer to a SECURITY_DESCRIPTOR structure that the function initializes.
        dwRevision - The revision level to assign to the security descriptor. This parameter must be SECURITY_DESCRIPTOR_REVISION.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • GetSecurityDescriptorControl

        boolean GetSecurityDescriptorControl(WinNT.SECURITY_DESCRIPTOR pSecurityDescriptor,
                                             ShortByReference pControl,
                                             IntByReference lpdwRevision)
        The GetSecurityDescriptorControl function retrieves a security descriptor control and revision information.
        pSecurityDescriptor - A pointer to a SECURITY_DESCRIPTOR structure whose control and revision information the function retrieves.
        pControl - A pointer to a SECURITY_DESCRIPTOR_CONTROL structure that receives the security descriptor's control information.
        lpdwRevision - A pointer to a variable that receives the security descriptor's revision value. This value is always set, even when GetSecurityDescriptorControl returns an error.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • SetSecurityDescriptorControl

        boolean SetSecurityDescriptorControl(WinNT.SECURITY_DESCRIPTOR pSecurityDescriptor,
                                             short ControlBitsOfInterest,
                                             short ControlBitsToSet)
        The SetSecurityDescriptorControl function sets the control bits of a security descriptor. The function can set only the control bits that relate to automatic inheritance of ACEs. To set the other control bits of a security descriptor, use the functions, such as SetSecurityDescriptorDacl, for modifying the components of a security descriptor.
        pSecurityDescriptor - A pointer to a SECURITY_DESCRIPTOR structure whose control and revision information are set.
        ControlBitsOfInterest - A SECURITY_DESCRIPTOR_CONTROL mask that indicates the control bits to set.
        ControlBitsToSet - SECURITY_DESCRIPTOR_CONTROL mask that indicates the new values for the control bits specified by the ControlBitsOfInterest mask.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • GetSecurityDescriptorOwner

        boolean GetSecurityDescriptorOwner(WinNT.SECURITY_DESCRIPTOR pSecurityDescriptor,
                                           WinNT.PSIDByReference pOwner,
                                           WinDef.BOOLByReference lpbOwnerDefaulted)
        The GetSecurityDescriptorOwner function retrieves the owner information from a security descriptor.
        pSecurityDescriptor - A pointer to a SECURITY_DESCRIPTOR structure whose owner information the function retrieves.
        pOwner - A pointer to a pointer to a security identifier (SID) that identifies the owner when the function returns. If the security descriptor does not contain an owner, the function sets the pointer pointed to by pOwner to NULL and ignores the remaining output parameter, lpbOwnerDefaulted. If the security descriptor contains an owner, the function sets the pointer pointed to by pOwner to the address of the security descriptor's owner SID and provides a valid value for the variable pointed to by lpbOwnerDefaulted.
        lpbOwnerDefaulted - A pointer to a flag that is set to the value of the SE_OWNER_DEFAULTED flag in the SECURITY_DESCRIPTOR_CONTROL structure when the function returns. If the value stored in the variable pointed to by the pOwner parameter is NULL, no value is set.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • SetSecurityDescriptorOwner

        boolean SetSecurityDescriptorOwner(WinNT.SECURITY_DESCRIPTOR pSecurityDescriptor,
                                           WinNT.PSID pOwner,
                                           boolean bOwnerDefaulted)
        The SetSecurityDescriptorOwner function sets the owner information of an absolute-format security descriptor. It replaces any owner information already present in the security descriptor.
        pSecurityDescriptor - A pointer to the SECURITY_DESCRIPTOR structure whose owner is set by this function. The function replaces any existing owner with the new owner.
        pOwner - A pointer to a SID structure for the security descriptor's new primary owner. The SID structure is referenced by, not copied into, the security descriptor. If this parameter is NULL, the function clears the security descriptor's owner information. This marks the security descriptor as having no owner.
        bOwnerDefaulted - Indicates whether the owner information is derived from a default mechanism. If this value is TRUE, it is default information. The function stores this value as the SE_OWNER_DEFAULTED flag in the SECURITY_DESCRIPTOR_CONTROL structure. If this parameter is zero, the SE_OWNER_DEFAULTED flag is cleared.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • GetSecurityDescriptorGroup

        boolean GetSecurityDescriptorGroup(WinNT.SECURITY_DESCRIPTOR pSecurityDescriptor,
                                           WinNT.PSIDByReference pGroup,
                                           WinDef.BOOLByReference lpbGroupDefaulted)
        The GetSecurityDescriptorGroup function retrieves the primary group information from a security descriptor.
        pSecurityDescriptor - A pointer to a SECURITY_DESCRIPTOR structure whose primary group information the function retrieves.
        pGroup - A pointer to a pointer to a security identifier (SID) that identifies the primary group when the function returns. If the security descriptor does not contain a primary group, the function sets the pointer pointed to by pGroup to NULL and ignores the remaining output parameter, lpbGroupDefaulted. If the security descriptor contains a primary group, the function sets the pointer pointed to by pGroup to the address of the security descriptor's group SID and provides a valid value for the variable pointed to by lpbGroupDefaulted.
        lpbGroupDefaulted - A pointer to a flag that is set to the value of the SE_GROUP_DEFAULTED flag in the SECURITY_DESCRIPTOR_CONTROL structure when the function returns. If the value stored in the variable pointed to by the pGroup parameter is NULL, no value is set.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • SetSecurityDescriptorGroup

        boolean SetSecurityDescriptorGroup(WinNT.SECURITY_DESCRIPTOR pSecurityDescriptor,
                                           WinNT.PSID pGroup,
                                           boolean bGroupDefaulted)
        The SetSecurityDescriptorGroup function sets the primary group information of an absolute-format security descriptor, replacing any primary group information already present in the security descriptor.
        pSecurityDescriptor - A pointer to the SECURITY_DESCRIPTOR structure whose primary group is set by this function. The function replaces any existing primary group with the new primary group.
        pGroup - A pointer to a SID structure for the security descriptor's new primary group. The SID structure is referenced by, not copied into, the security descriptor. If this parameter is NULL, the function clears the security descriptor's primary group information. This marks the security descriptor as having no primary group.
        bGroupDefaulted - Indicates whether the primary group information was derived from a default mechanism. If this value is TRUE, it is default information, and the function stores this value as the SE_GROUP_DEFAULTED flag in the SECURITY_DESCRIPTOR_CONTROL structure. If this parameter is zero, the SE_GROUP_DEFAULTED flag is cleared.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • GetSecurityDescriptorDacl

        boolean GetSecurityDescriptorDacl(WinNT.SECURITY_DESCRIPTOR pSecurityDescriptor,
                                          WinDef.BOOLByReference bDaclPresent,
                                          WinNT.PACLByReference pDacl,
                                          WinDef.BOOLByReference bDaclDefaulted)
        The GetSecurityDescriptorDacl function retrieves a pointer to the discretionary access control list (DACL) in a specified security descriptor.
        pSecurityDescriptor - A pointer to the SECURITY_DESCRIPTOR structure that contains the DACL. The function retrieves a pointer to it.
        bDaclPresent - A pointer to a value that indicates the presence of a DACL in the specified security descriptor. If lpbDaclPresent is TRUE, the security descriptor contains a DACL, and the remaining output parameters in this function receive valid values. If lpbDaclPresent is FALSE, the security descriptor does not contain a DACL, and the remaining output parameters do not receive valid values. A value of TRUE for lpbDaclPresent does not mean that pDacl is not NULL. That is, lpbDaclPresent can be TRUE while pDacl is NULL, meaning that a NULL DACL is in effect. A NULL DACL implicitly allows all access to an object and is not the same as an empty DACL. An empty DACL permits no access to an object. For information about creating a proper DACL, see Creating a DACL.
        pDacl - A pointer to a pointer to an access control list (ACL). If a DACL exists, the function sets the pointer pointed to by pDacl to the address of the security descriptor's DACL. If a DACL does not exist, no value is stored. If the function stores a NULL value in the pointer pointed to by pDacl, the security descriptor has a NULL DACL. A NULL DACL implicitly allows all access to an object. If an application expects a non-NULL DACL but encounters a NULL DACL, the application should fail securely and not allow access.
        bDaclDefaulted - A pointer to a flag set to the value of the SE_DACL_DEFAULTED flag in the SECURITY_DESCRIPTOR_CONTROL structure if a DACL exists for the security descriptor. If this flag is TRUE, the DACL was retrieved by a default mechanism; if FALSE, the DACL was explicitly specified by a user.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • SetSecurityDescriptorDacl

        boolean SetSecurityDescriptorDacl(WinNT.SECURITY_DESCRIPTOR pSecurityDescriptor,
                                          boolean bDaclPresent,
                                          WinNT.ACL pDacl,
                                          boolean bDaclDefaulted)
        The SetSecurityDescriptorDacl function sets information in a discretionary access control list (DACL). If a DACL is already present in the security descriptor, the DACL is replaced.
        pSecurityDescriptor - A pointer to the SECURITY_DESCRIPTOR structure to which the function adds the DACL. This security descriptor must be in absolute format, meaning that its members must be pointers to other structures, rather than offsets to contiguous data.
        bDaclPresent - A flag that indicates the presence of a DACL in the security descriptor. If this parameter is TRUE, the function sets the SE_DACL_PRESENT flag in the SECURITY_DESCRIPTOR_CONTROL structure and uses the values in the pDacl and bDaclDefaulted parameters. If this parameter is FALSE, the function clears the SE_DACL_PRESENT flag, and pDacl and bDaclDefaulted are ignored.
        pDacl - A pointer to an ACL structure that specifies the DACL for the security descriptor. If this parameter is NULL, a NULL DACL is assigned to the security descriptor, which allows all access to the object. The DACL is referenced by, not copied into, the security descriptor.
        bDaclDefaulted - A flag that indicates the source of the DACL. If this flag is TRUE, the DACL has been retrieved by some default mechanism. If FALSE, the DACL has been explicitly specified by a user. The function stores this value in the SE_DACL_DEFAULTED flag of the SECURITY_DESCRIPTOR_CONTROL structure. If this parameter is not specified, the SE_DACL_DEFAULTED flag is cleared.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • InitializeAcl

        boolean InitializeAcl(WinNT.ACL pAcl,
                              int nAclLength,
                              int dwAclRevision)
        The InitializeAcl function initializes a new ACL structure.
        pAcl - A pointer to an ACL structure to be initialized by this function. Allocate memory for pAcl before calling this function.
        nAclLength - The length, in bytes, of the buffer pointed to by the pAcl parameter. This value must be large enough to contain the ACL header and all of the access control entries (ACEs) to be stored in the ACL. In addition, this value must be DWORD-aligned. For more information about calculating the size of an ACL, see Remarks.
        dwAclRevision - The revision level of the ACL structure being created. This value can be ACL_REVISION or ACL_REVISION_DS. Use ACL_REVISION_DS if the access control list (ACL) supports object-specific ACEs.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • AddAce

        boolean AddAce(WinNT.ACL pAcl,
                       int dwAceRevision,
                       int dwStartingAceIndex,
                       Pointer pAceList,
                       int nAceListLength)
        The AddAce function adds one or more access control entries (ACEs) to a specified access control list (ACL).
        pAcl - A pointer to an ACL. This function adds an ACE to this ACL.
        dwAceRevision - Specifies the revision level of the ACL being modified. This value can be ACL_REVISION or ACL_REVISION_DS. Use ACL_REVISION_DS if the ACL contains object-specific ACEs. This value must be compatible with the AceType field of all ACEs in pAceList. Otherwise, the function will fail and set the last error to ERROR_INVALID_PARAMETER.
        dwStartingAceIndex - Specifies the position in the ACL's list of ACEs at which to add new ACEs. A value of zero inserts the ACEs at the beginning of the list. A value of MAXDWORD appends the ACEs to the end of the list.
        pAceList - A pointer to a list of one or more ACEs to be added to the specified ACL. The ACEs in the list must be stored contiguously.
        nAceListLength - Specifies the size, in bytes, of the input buffer pointed to by the pAceList parameter.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • AddAccessAllowedAce

        boolean AddAccessAllowedAce(WinNT.ACL pAcl,
                                    int dwAceRevision,
                                    int AccessMask,
                                    WinNT.PSID pSid)
        The AddAce function adds one or more access control entries (ACEs) to a specified access control list (ACL).
        pAcl - A pointer to an ACL. This function adds an access-allowed ACE to the end of this ACL. The ACE is in the form of an ACCESS_ALLOWED_ACE structure.
        dwAceRevision - Specifies the revision level of the ACL being modified. This value can be ACL_REVISION or ACL_REVISION_DS. Use ACL_REVISION_DS if the ACL contains object-specific ACEs.
        AccessMask - Specifies the mask of access rights to be granted to the specified SID.
        pSid - A pointer to the SID representing a user, group, or logon account being granted access.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • AddAccessAllowedAceEx

        boolean AddAccessAllowedAceEx(WinNT.ACL pAcl,
                                      int dwAceRevision,
                                      int AceFlags,
                                      int AccessMask,
                                      WinNT.PSID pSid)
        The AddAce function adds one or more access control entries (ACEs) to a specified access control list (ACL).
        pAcl - A pointer to an ACL. This function adds an access-allowed ACE to the end of this ACL. The ACE is in the form of an ACCESS_ALLOWED_ACE structure.
        dwAceRevision - Specifies the revision level of the ACL being modified. This value can be ACL_REVISION or ACL_REVISION_DS. Use ACL_REVISION_DS if the ACL contains object-specific ACEs.
        AceFlags - A set of bit flags that control ACE inheritance. The function sets these flags in the AceFlags member of the ACE_HEADER structure of the new ACE. This parameter can be a combination of the following values: CONTAINER_INHERIT_ACE, INHERIT_ONLY_ACE, INHERITED_ACE, NO_PROPAGATE_INHERIT_ACE, and OBJECT_INHERIT_ACE
        AccessMask - Specifies the mask of access rights to be granted to the specified SID.
        pSid - A pointer to the SID representing a user, group, or logon account being granted access.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • GetAce

        boolean GetAce(WinNT.ACL pAcl,
                       int dwAceIndex,
                       PointerByReference pAce)
        The GetAce function obtains a pointer to an access control entry (ACE) in an access control list (ACL).
        pAcl - A pointer to an ACL that contains the ACE to be retrieved.
        dwAceIndex - The index of the ACE to be retrieved. A value of zero corresponds to the first ACE in the ACL, a value of one to the second ACE, and so on.
        pAce - A pointer to a pointer that the function sets to the address of the ACE.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.
      • LogonUser

        boolean LogonUser(java.lang.String lpszUsername,
                          java.lang.String lpszDomain,
                          java.lang.String lpszPassword,
                          int logonType,
                          int logonProvider,
                          WinNT.HANDLEByReference phToken)
        The LogonUser function attempts to log a user on to the local computer. The local computer is the computer from which LogonUser was called. You cannot use LogonUser to log on to a remote computer. You specify the user with a user name and domain, and authenticate the user with a plaintext password. If the function succeeds, you receive a handle to a token that represents the logged-on user. You can then use this token handle to impersonate the specified user or, in most cases, to create a process that runs in the context of the specified user.
        lpszUsername - A pointer to a null-terminated string that specifies the name of the user. This is the name of the user account to log on to. If you use the user principal name (UPN) format, user@DNS_domain_name, the lpszDomain parameter must be NULL.
        lpszDomain - A pointer to a null-terminated string that specifies the name of the domain or server whose account database contains the lpszUsername account. If this parameter is NULL, the user name must be specified in UPN format. If this parameter is ".", the function validates the account using only the local account database.
        lpszPassword - A pointer to a null-terminated string that specifies the plaintext password for the user account specified by lpszUsername.
        logonType - The type of logon operation to perform.
        logonProvider - Specifies the logon provider.
        phToken - A pointer to a handle variable that receives a handle to a token that represents the specified user.
        If the function succeeds, the function returns nonzero. If the function fails, it returns zero. To get extended error information, call GetLastError.
      • OpenThreadToken

        boolean OpenThreadToken(WinNT.HANDLE ThreadHandle,
                                int DesiredAccess,
                                boolean OpenAsSelf,
                                WinNT.HANDLEByReference TokenHandle)
        The OpenThreadToken function opens the access token associated with a thread.
        ThreadHandle - Handle to the thread whose access token is opened.
        DesiredAccess - Specifies an access mask that specifies the requested types of access to the access token. These requested access types are reconciled against the token's discretionary access control list (DACL) to determine which accesses are granted or denied.
        OpenAsSelf - Indicates whether the access check is to be made against the security context of the thread calling the OpenThreadToken function or against the security context of the process for the calling thread.
        TokenHandle - Pointer to a variable that receives the handle to the newly opened access token.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • SetThreadToken

        boolean SetThreadToken(WinNT.HANDLEByReference ThreadHandle,
                               WinNT.HANDLE TokenHandle)
        The SetThreadToken function assigns an impersonation token to a thread. The function can also cause a thread to stop using an impersonation token.
        ThreadHandle - [in, optional] A pointer to a handle to the thread to which the function assigns the impersonation token. If ThreadHandle is NULL, the function assigns the impersonation token to the calling thread.
        TokenHandle - [in, optional] A handle to the impersonation token to assign to the thread. This handle must have been opened with TOKEN_IMPERSONATE access rights. For more information, see Access Rights for Access-Token Objects. If Token is NULL, the function causes the thread to stop using an impersonation token.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • OpenProcessToken

        boolean OpenProcessToken(WinNT.HANDLE ProcessHandle,
                                 int DesiredAccess,
                                 WinNT.HANDLEByReference TokenHandle)
        The OpenProcessToken function opens the access token associated with a process.
        ProcessHandle - Handle to the process whose access token is opened. The process must have the PROCESS_QUERY_INFORMATION access permission.
        DesiredAccess - Specifies an access mask that specifies the requested types of access to the access token. These requested access types are compared with the discretionary access control list (DACL) of the token to determine which accesses are granted or denied.
        TokenHandle - Pointer to a handle that identifies the newly opened access token when the function returns.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • DuplicateToken

        boolean DuplicateToken(WinNT.HANDLE ExistingTokenHandle,
                               int ImpersonationLevel,
                               WinNT.HANDLEByReference DuplicateTokenHandle)
        The DuplicateToken function creates a new access token that duplicates one already in existence.
        ExistingTokenHandle - Handle to an access token opened with TOKEN_DUPLICATE access.
        ImpersonationLevel - Specifies a SECURITY_IMPERSONATION_LEVEL enumerated type that supplies the impersonation level of the new token.
        DuplicateTokenHandle - Pointer to a variable that receives a handle to the duplicate token. This handle has TOKEN_IMPERSONATE and TOKEN_QUERY access to the new token.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • DuplicateTokenEx

        boolean DuplicateTokenEx(WinNT.HANDLE hExistingToken,
                                 int dwDesiredAccess,
                                 WinBase.SECURITY_ATTRIBUTES lpTokenAttributes,
                                 int ImpersonationLevel,
                                 int TokenType,
                                 WinNT.HANDLEByReference phNewToken)
        The DuplicateTokenEx function creates a new access token that duplicates an existing token. This function can create either a primary token or an impersonation token.
        hExistingToken - A handle to an access token opened with TOKEN_DUPLICATE access.
        dwDesiredAccess - Specifies the requested access rights for the new token.
        lpTokenAttributes - A pointer to a SECURITY_ATTRIBUTES structure that specifies a security descriptor for the new token and determines whether child processes can inherit the token.
        ImpersonationLevel - Specifies a value from the SECURITY_IMPERSONATION_LEVEL enumeration that indicates the impersonation level of the new token.
        TokenType - Specifies one of the following values from the TOKEN_TYPE enumeration.
        phNewToken - A pointer to a HANDLE variable that receives the new token.
        If the function succeeds, the function returns a nonzero value. If the function fails, it returns zero. To get extended error information, call GetLastError.
      • GetTokenInformation

        boolean GetTokenInformation(WinNT.HANDLE tokenHandle,
                                    int tokenInformationClass,
                                    Structure tokenInformation,
                                    int tokenInformationLength,
                                    IntByReference returnLength)
        Retrieves a specified type of information about an access token. The calling process must have appropriate access rights to obtain the information.
        tokenHandle - Handle to an access token from which information is retrieved. If TokenInformationClass specifies TokenSource, the handle must have TOKEN_QUERY_SOURCE access. For all other TokenInformationClass values, the handle must have TOKEN_QUERY access.
        tokenInformationClass - Specifies a value from the TOKEN_INFORMATION_CLASS enumerated type to identify the type of information the function retrieves.
        tokenInformation - Pointer to a buffer the function fills with the requested information. The structure put into this buffer depends upon the type of information specified by the TokenInformationClass parameter.
        tokenInformationLength - Specifies the size, in bytes, of the buffer pointed to by the TokenInformation parameter. If TokenInformation is NULL, this parameter must be zero.
        returnLength - Pointer to a variable that receives the number of bytes needed for the buffer pointed to by the TokenInformation parameter. If this value is larger than the value specified in the TokenInformationLength parameter, the function fails and stores no data in the buffer.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • ImpersonateLoggedOnUser

        boolean ImpersonateLoggedOnUser(WinNT.HANDLE hToken)
        The ImpersonateLoggedOnUser function lets the calling thread impersonate the security context of a logged-on user. The user is represented by a token handle.
        hToken - Handle to a primary or impersonation access token that represents a logged-on user. This can be a token handle returned by a call to LogonUser, CreateRestrictedToken, DuplicateToken, DuplicateTokenEx, OpenProcessToken, or OpenThreadToken functions. If hToken is a primary token, it must have TOKEN_QUERY and TOKEN_DUPLICATE access. If hToken is an impersonation token, it must have TOKEN_QUERY and TOKEN_IMPERSONATE access.
        If the function succeeds, the return value is nonzero.
      • ImpersonateSelf

        boolean ImpersonateSelf(int ImpersonationLevel)
        The ImpersonateSelf function obtains an access token that impersonates the security context of the calling process. The token is assigned to the calling thread.
        ImpersonationLevel - Specifies a SECURITY_IMPERSONATION_LEVEL enumerated type that supplies the impersonation level of the new token.
        If the function succeeds, the return value is nonzero.
      • RevertToSelf

        boolean RevertToSelf()
        The RevertToSelf function terminates the impersonation of a client application.
        If the function succeeds, the return value is nonzero.
      • RegOpenKeyEx

        int RegOpenKeyEx(WinReg.HKEY hKey,
                         java.lang.String lpSubKey,
                         int ulOptions,
                         int samDesired,
                         WinReg.HKEYByReference phkResult)
        The RegOpenKeyEx function opens the specified registry key. Note that key names are not case sensitive.
        hKey - Handle to an open key.
        lpSubKey - Pointer to a null-terminated string containing the name of the subkey to open.
        ulOptions - Reserved; must be zero.
        samDesired - Access mask that specifies the desired access rights to the key. The function fails if the security descriptor of the key does not permit the requested access for the calling process.
        phkResult - Pointer to a variable that receives a handle to the opened key. If the key is not one of the predefined registry keys, call the RegCloseKey function after you have finished using the handle.
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.
      • RegLoadAppKey

        int RegLoadAppKey(java.lang.String lpFile,
                          WinReg.HKEYByReference phkResult,
                          int samDesired,
                          int dwOptions,
                          int Reserved)
        The RegLoadAppKey function loads the specified registry hive as an application hive.
        lpFile - The name of the hive file. If the file does not exist, an empty hive file is created with the specified name.
        phkResult - Pointer to the handle for the root key of the loaded hive.
        samDesired - Access mask that specifies the desired access rights to the
        dwOptions - If this parameter is REG_PROCESS_APPKEY, the hive cannot be loaded again while it is loaded by the caller. This prevents access to this registry hive by another caller.
        Reserved - Reserved; must be zero.
      • RegQueryValueEx

        int RegQueryValueEx(WinReg.HKEY hKey,
                            java.lang.String lpValueName,
                            int lpReserved,
                            IntByReference lpType,
                            char[] lpData,
                            IntByReference lpcbData)
        The RegQueryValueEx function retrieves the type and data for a specified value name associated with an open registry key.
        hKey - Handle to an open key. The key must have been opened with the KEY_QUERY_VALUE access right.
        lpValueName - Pointer to a null-terminated string containing the name of the value to query. If lpValueName is NULL or an empty string, "", the function retrieves the type and data for the key's unnamed or default value, if any.
        lpReserved - Reserved; must be NULL.
        lpType - Pointer to a variable that receives a code indicating the type of data stored in the specified value.
        lpData - Pointer to a buffer that receives the value's data. This parameter can be NULL if the data is not required. If the data is a string, the function checks for a terminating null character. If one is not found, the string is stored with a null terminator if the buffer is large enough to accommodate the extra character. Otherwise, the string is stored as is.
        lpcbData - Pointer to a variable that specifies the size of the buffer pointed to by the lpData parameter, in bytes. When the function returns, this variable contains the size of the data copied to lpData. The lpcbData parameter can be NULL only if lpData is NULL. If the data has the REG_SZ, REG_MULTI_SZ or REG_EXPAND_SZ type, this size includes any terminating null character or characters. If the buffer specified by lpData parameter is not large enough to hold the data, the function returns ERROR_MORE_DATA and stores the required buffer size in the variable pointed to by lpcbData. In this case, the contents of the lpData buffer are undefined. If lpData is NULL, and lpcbData is non-NULL, the function returns ERROR_SUCCESS and stores the size of the data, in bytes, in the variable pointed to by lpcbData. This enables an application to determine the best way to allocate a buffer for the value's data.
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.
      • RegCloseKey

        int RegCloseKey(WinReg.HKEY hKey)
        The RegCloseKey function releases a handle to the specified registry key.
        hKey - Handle to the open key to be closed. The handle must have been opened by the RegCreateKeyEx, RegOpenKeyEx, or RegConnectRegistry function.
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.
      • RegDeleteValue

        int RegDeleteValue(WinReg.HKEY hKey,
                           java.lang.String lpValueName)
        The RegDeleteValue function removes a named value from the specified registry key. Note that value names are not case sensitive.
        hKey - Handle to an open key. The key must have been opened with the KEY_SET_VALUE access right.
        lpValueName - Pointer to a null-terminated string that names the value to remove. If this parameter is NULL or an empty string, the value set by the RegSetValue function is removed.
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.
      • RegSetValueEx

        int RegSetValueEx(WinReg.HKEY hKey,
                          java.lang.String lpValueName,
                          int Reserved,
                          int dwType,
                          Pointer lpData,
                          int cbData)
        The RegSetValueEx function sets the data and type of a specified value under a registry key.
        hKey - Handle to an open key. The key must have been opened with the KEY_SET_VALUE access right.
        lpValueName - Pointer to a string containing the name of the value to set. If a value with this name is not already present in the key, the function adds it to the key. If lpValueName is NULL or an empty string, "", the function sets the type and data for the key's unnamed or default value.
        Reserved - Reserved; must be zero.
        dwType - Type of data pointed to by the lpData parameter.
        lpData - Pointer to a buffer containing the data to be stored with the specified value name.
        cbData - Size of the information pointed to by the lpData parameter, in bytes. If the data is of type REG_SZ, REG_EXPAND_SZ, or REG_MULTI_SZ, cbData must include the size of the terminating null character or characters.
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.
      • RegCreateKeyEx

        int RegCreateKeyEx(WinReg.HKEY hKey,
                           java.lang.String lpSubKey,
                           int Reserved,
                           java.lang.String lpClass,
                           int dwOptions,
                           int samDesired,
                           WinBase.SECURITY_ATTRIBUTES lpSecurityAttributes,
                           WinReg.HKEYByReference phkResult,
                           IntByReference lpdwDisposition)
        hKey - registry key
        lpSubKey - subkey name
        Reserved - unused
        lpClass - class
        dwOptions - options
        samDesired - ?
        lpSecurityAttributes - security attributes
        phkResult - resulting key
        lpdwDisposition - ?
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.
      • RegDeleteKey

        int RegDeleteKey(WinReg.HKEY hKey,
                         java.lang.String name)
        hKey - registry key
        name - key name
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.
      • RegEnumKeyEx

        int RegEnumKeyEx(WinReg.HKEY hKey,
                         int dwIndex,
                         char[] lpName,
                         IntByReference lpcName,
                         IntByReference reserved,
                         char[] lpClass,
                         IntByReference lpcClass,
                         WinBase.FILETIME lpftLastWriteTime)
        The RegEnumKeyEx function enumerates subkeys of the specified open registry key. The function retrieves information about one subkey each time it is called.
        hKey - Handle to an open key. The key must have been opened with the KEY_ENUMERATE_SUB_KEYS access right.
        dwIndex - Index of the subkey to retrieve. This parameter should be zero for the first call to the RegEnumKeyEx function and then incremented for subsequent calls. Because subkeys are not ordered, any new subkey will have an arbitrary index. This means that the function may return subkeys in any order.
        lpName - Pointer to a buffer that receives the name of the subkey, including the terminating null character. The function copies only the name of the subkey, not the full key hierarchy, to the buffer.
        lpcName - Pointer to a variable that specifies the size of the buffer specified by the lpName parameter, in TCHARs. This size should include the terminating null character. When the function returns, the variable pointed to by lpcName contains the number of characters stored in the buffer. The count returned does not include the terminating null character.
        reserved - Reserved; must be NULL.
        lpClass - Pointer to a buffer that receives the null-terminated class string of the enumerated subkey. This parameter can be NULL.
        lpcClass - Pointer to a variable that specifies the size of the buffer specified by the lpClass parameter, in TCHARs. The size should include the terminating null character. When the function returns, lpcClass contains the number of characters stored in the buffer. The count returned does not include the terminating null character. This parameter can be NULL only if lpClass is NULL.
        lpftLastWriteTime - Pointer to a variable that receives the time at which the enumerated subkey was last written.
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.
      • RegEnumValue

        int RegEnumValue(WinReg.HKEY hKey,
                         int dwIndex,
                         char[] lpValueName,
                         IntByReference lpcchValueName,
                         IntByReference reserved,
                         IntByReference lpType,
                         Pointer lpData,
                         IntByReference lpcbData)
        The RegEnumValue function enumerates the values for the specified open registry key. The function copies one indexed value name and data block for the key each time it is called.
        hKey - Handle to an open key. The key must have been opened with the KEY_QUERY_VALUE access right.
        dwIndex - Index of the value to be retrieved. This parameter should be zero for the first call to the RegEnumValue function and then be incremented for subsequent calls. Because values are not ordered, any new value will have an arbitrary index. This means that the function may return values in any order.
        lpValueName - Pointer to a buffer that receives the name of the value, including the terminating null character.
        lpcchValueName - Pointer to a variable that specifies the size of the buffer pointed to by the lpValueName parameter, in TCHARs. This size should include the terminating null character. When the function returns, the variable pointed to by lpcValueName contains the number of characters stored in the buffer. The count returned does not include the terminating null character.
        reserved - Reserved; must be NULL.
        lpType - Pointer to a variable that receives a code indicating the type of data stored in the specified value.
        lpData - Pointer to a buffer that receives the data for the value entry. This parameter can be NULL if the data is not required.
        lpcbData - Pointer to a variable that specifies the size of the buffer pointed to by the lpData parameter, in bytes.
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.
      • RegQueryInfoKey

        int RegQueryInfoKey(WinReg.HKEY hKey,
                            char[] lpClass,
                            IntByReference lpcClass,
                            IntByReference lpReserved,
                            IntByReference lpcSubKeys,
                            IntByReference lpcMaxSubKeyLen,
                            IntByReference lpcMaxClassLen,
                            IntByReference lpcValues,
                            IntByReference lpcMaxValueNameLen,
                            IntByReference lpcMaxValueLen,
                            IntByReference lpcbSecurityDescriptor,
                            WinBase.FILETIME lpftLastWriteTime)
        The RegQueryInfoKey function retrieves information about the specified registry key.
        hKey - A handle to an open key. The key must have been opened with the KEY_QUERY_VALUE access right.
        lpClass - A pointer to a buffer that receives the null-terminated class string of the key. This parameter can be ignored. This parameter can be NULL.
        lpcClass - A pointer to a variable that specifies the size of the buffer pointed to by the lpClass parameter, in characters.
        lpReserved - Reserved; must be NULL.
        lpcSubKeys - A pointer to a variable that receives the number of subkeys that are contained by the specified key. This parameter can be NULL.
        lpcMaxSubKeyLen - A pointer to a variable that receives the size of the key's subkey with the longest name, in characters, not including the terminating null character. This parameter can be NULL.
        lpcMaxClassLen - A pointer to a variable that receives the size of the longest string that specifies a subkey class, in characters. The count returned does not include the terminating null character. This parameter can be NULL.
        lpcValues - A pointer to a variable that receives the number of values that are associated with the key. This parameter can be NULL.
        lpcMaxValueNameLen - A pointer to a variable that receives the size of the key's longest value name, in characters. The size does not include the terminating null character. This parameter can be NULL.
        lpcMaxValueLen - A pointer to a variable that receives the size of the longest data component among the key's values, in bytes. This parameter can be NULL.
        lpcbSecurityDescriptor - A pointer to a variable that receives the size of the key's security descriptor, in bytes. This parameter can be NULL.
        lpftLastWriteTime - A pointer to a FILETIME structure that receives the last write time. This parameter can be NULL.
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.
      • RegGetValue

        int RegGetValue(WinReg.HKEY hkey,
                        java.lang.String lpSubKey,
                        java.lang.String lpValue,
                        int dwFlags,
                        IntByReference pdwType,
                        Pointer pvData,
                        IntByReference pcbData)
        Retrieves the type and data for the specified registry value.
        hkey - [in] A handle to an open registry key. The key must have been opened with the KEY_QUERY_VALUE access right. For more information, see Registry Key Security and Access Rights. This handle is returned by the RegCreateKeyEx, RegCreateKeyTransacted, RegOpenKeyEx, or RegOpenKeyTransacted function. It can also be one of the following predefined keys: HKEY_CLASSES_ROOT HKEY_CURRENT_CONFIG HKEY_CURRENT_USER HKEY_LOCAL_MACHINE HKEY_PERFORMANCE_DATA HKEY_PERFORMANCE_NLSTEXT HKEY_PERFORMANCE_TEXT HKEY_USERS
        lpSubKey - [in, optional] The name of the registry key. This key must be a subkey of the key specified by the hkey parameter. Key names are not case sensitive.
        lpValue - [in, optional] The name of the registry value. If this parameter is NULL or an empty string, "", the function retrieves the type and data for the key's unnamed or default value, if any. For more information, see Registry Element Size Limits. Keys do not automatically have an unnamed or default value. Unnamed values can be of any type.
        dwFlags - [in, optional] The flags that restrict the data type of value to be queried. If the data type of the value does not meet this criteria, the function fails. This parameter can be one or more of the following values. RRF_RT_ANY 0x0000ffff No type restriction. RRF_RT_DWORD 0x00000018 Restrict type to 32-bit RRF_RT_REG_BINARY|RRF_RT_REG_DWORD. RRF_RT_QWORD 0x00000048 Restrict type to 64-bit RRF_RT_REG_BINARY | RRF_RT_REG_DWORD. RRF_RT_REG_BINARY 0x00000008 Restrict type to REG_BINARY. RRF_RT_REG_DWORD 0x00000010 Restrict type to REG_DWORD. RRF_RT_REG_EXPAND_SZ 0x00000004 Restrict type to REG_EXPAND_SZ. RRF_RT_REG_MULTI_SZ 0x00000020 Restrict type to REG_MULTI_SZ. RRF_RT_REG_NONE 0x00000001 Restrict type to REG_NONE. RRF_RT_REG_QWORD 0x00000040 Restrict type to REG_QWORD. RRF_RT_REG_SZ 0x00000002 Restrict type to REG_SZ. This parameter can also include one or more of the following values. RRF_NOEXPAND 0x10000000 Do not automatically expand environment strings if the value is of type REG_EXPAND_SZ. RRF_ZEROONFAILURE 0x20000000 If pvData is not NULL, set the contents of the buffer to zeroes on failure.
        pdwType - [out, optional] A pointer to a variable that receives a code indicating the type of data stored in the specified value. For a list of the possible type codes, see Registry Value Types. This parameter can be NULL if the type is not required.
        pvData - [out, optional] A pointer to a buffer that receives the value's data. This parameter can be NULL if the data is not required. If the data is a string, the function checks for a terminating null character. If one is not found, the string is stored with a null terminator if the buffer is large enough to accommodate the extra character. Otherwise, the function fails and returns ERROR_MORE_DATA.
        pcbData - [in, out, optional] A pointer to a variable that specifies the size of the buffer pointed to by the pvData parameter, in bytes. When the function returns, this variable contains the size of the data copied to pvData. The pcbData parameter can be NULL only if pvData is NULL. If the data has the REG_SZ, REG_MULTI_SZ or REG_EXPAND_SZ type, this size includes any terminating null character or characters. For more information, see Remarks. If the buffer specified by pvData parameter is not large enough to hold the data, the function returns ERROR_MORE_DATA and stores the required buffer size in the variable pointed to by pcbData. In this case, the contents of the pvData buffer are undefined. If pvData is NULL, and pcbData is non-NULL, the function returns ERROR_SUCCESS and stores the size of the data, in bytes, in the variable pointed to by pcbData. This enables an application to determine the best way to allocate a buffer for the value's data. If hKey specifies HKEY_PERFORMANCE_DATA and the pvData buffer is not large enough to contain all of the returned data, the function returns ERROR_MORE_DATA and the value returned through the pcbData parameter is undefined. This is because the size of the performance data can change from one call to the next. In this case, you must increase the buffer size and call RegGetValue again passing the updated buffer size in the pcbData parameter. Repeat this until the function succeeds. You need to maintain a separate variable to keep track of the buffer size, because the value returned by pcbData is unpredictable. Return value If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a system error code. If the pvData buffer is too small to receive the value, the function returns ERROR_MORE_DATA.
      • RegNotifyChangeKeyValue

        int RegNotifyChangeKeyValue(WinReg.HKEY hKey,
                                    boolean bWatchSubtree,
                                    int dwNotifyFilter,
                                    WinNT.HANDLE hEvent,
                                    boolean fAsynchronous)
        Notifies the caller about changes to the attributes or contents of a specified registry key.
        hKey - A handle to an open registry key. This handle is returned by the RegCreateKeyEx or RegOpenKeyEx function. It can also be one of the following predefined keys. The key must have been opened with the KEY_NOTIFY access right. For more information, see Registry Key Security and Access Rights.
        bWatchSubtree - If this parameter is TRUE, the function reports changes in the specified key and its subkeys. If the parameter is FALSE, the function reports changes only in the specified key.
        dwNotifyFilter - A value that indicates the changes that should be reported. This parameter can be one or more of the following values.
        Value Meaning
        Notify the caller if a subkey is added or deleted.
        Notify the caller of changes to the attributes of the key, such as the security descriptor information.
        Notify the caller of changes to a value of the key. This can include adding or deleting a value, or changing an existing value.
        Notify the caller of changes to the security descriptor of the key.
        Indicates that the lifetime of the registration must not be tied to the lifetime of the thread issuing the RegNotifyChangeKeyValue call.
        Note: This flag value is only supported in Windows 8 and later.
        hEvent - A handle to an event. If the fAsynchronous parameter is TRUE, the function returns immediately and changes are reported by signaling this event. If fAsynchronous is FALSE, hEvent is ignored.
        fAsynchronous - If this parameter is TRUE, the function returns immediately and reports changes by signaling the specified event. If this parameter is FALSE, the function does not return until a change has occurred. If hEvent does not specify a valid event, the fAsynchronous parameter cannot be TRUE.
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h. You can use the FormatMessage function with the FORMAT_MESSAGE_FROM_SYSTEM flag to get a generic description of the error.

        Remarks: This function detects a single change. After the caller receives a notification event, it should call the function again to receive the next notification.

        This function cannot be used to detect changes to the registry that result from using the RegRestoreKey function.

        If the specified key is closed, the event is signaled. This means that an application should not depend on the key being open after returning from a wait operation on the event.

        The REG_NOTIFY_THREAD_AGNOSTIC flag introduced in Windows 8 enables the use of RegNotifyChangeKeyValue for ThreadPool threads.

        If the thread that called RegNotifyChangeKeyValue exits, the event is signaled. To continue to monitor additional changes in the value of the key, call RegNotifyChangeKeyValue again from another thread.

        With the exception of RegNotifyChangeKeyValue calls with REG_NOTIFY_THREAD_AGNOSTIC set, this function must be called on persistent threads. If the calling thread is from a thread pool and it is not persistent, the event is signaled every time the thread terminates, not just when there is a registry change. To ensure accurate results, run the thread pool work in a persistent thread by using the SetThreadpoolCallbackPersistent function, or create your own thread using the CreateThread function. (For the original thread pool API, specify WT_EXECUTEINPERSISTENTTHREAD using the QueueUserWorkItem function.)

        This function should not be called multiple times with the same value for the hKey but different values for the bWatchSubtree and dwNotifyFilter parameters. The function will succeed but the changes will be ignored. To change the watch parameters, you must first close the key handle by calling RegCloseKey, reopen the key handle by calling RegOpenKeyEx, and then call RegNotifyChangeKeyValue with the new parameters.

        Each time a process calls RegNotifyChangeKeyValue with the same set of parameters, it establishes another wait operation, creating a resource leak. Therefore, check that you are not calling RegNotifyChangeKeyValue with the same parameters until the previous wait operation has completed.

        To monitor registry operations in more detail, see Registry.

        Windows XP/2000: When RegNotifyChangeKeyValue is called for a particular key handle, change notifications occur for as long as the key handle is valid. This causes a second call to RegNotifyChangeKeyValue to return immediately, if any changes occur in the interim between the first and second calls. If the function is being used asynchronously, the passed event handle will be signaled immediately if any changes occur in the interim.

      • RegisterEventSource

        WinNT.HANDLE RegisterEventSource(java.lang.String lpUNCServerName,
                                         java.lang.String lpSourceName)
        Retrieves a registered handle to the specified event log.
        lpUNCServerName - The Universal Naming Convention (UNC) name of the remote server on which this operation is to be performed. If this parameter is NULL, the local computer is used.
        lpSourceName - The name of the event source whose handle is to be retrieved. The source name must be a subkey of a log under the Eventlog registry key. However, the Security log is for system use only.
        If the function succeeds, the return value is a handle to the event log. If the function fails, the return value is NULL. To get extended error information, call GetLastError. The function returns ERROR_ACCESS_DENIED if lpSourceName specifies the Security event log.
      • DeregisterEventSource

        boolean DeregisterEventSource(WinNT.HANDLE hEventLog)
        Closes the specified event log.
        hEventLog - A handle to the event log. The RegisterEventSource function returns this handle.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • OpenEventLog

        WinNT.HANDLE OpenEventLog(java.lang.String lpUNCServerName,
                                  java.lang.String lpSourceName)
        Opens a handle to the specified event log.
        lpUNCServerName - The Universal Naming Convention (UNC) name of the remote server on which the event log is to be opened. If this parameter is NULL, the local computer is used.
        lpSourceName - The name of the log. If you specify a custom log and it cannot be found, the event logging service opens the Application log; however, there will be no associated message or category string file.
        If the function succeeds, the return value is the handle to an event log. If the function fails, the return value is NULL. To get extended error information, call GetLastError.
      • CloseEventLog

        boolean CloseEventLog(WinNT.HANDLE hEventLog)
        Closes the specified event log.
        hEventLog - A handle to the event log to be closed. The OpenEventLog or OpenBackupEventLog function returns this handle.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • GetNumberOfEventLogRecords

        boolean GetNumberOfEventLogRecords(WinNT.HANDLE hEventLog,
                                           IntByReference NumberOfRecords)
        Retrieves the number of records in the specified event log.
        hEventLog - A handle to the open event log. The OpenEventLog or OpenBackupEventLog function returns this handle.
        NumberOfRecords - A pointer to a variable that receives the number of records in the specified event log.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • ReportEvent

        boolean ReportEvent(WinNT.HANDLE hEventLog,
                            int wType,
                            int wCategory,
                            int dwEventID,
                            WinNT.PSID lpUserSid,
                            int wNumStrings,
                            int dwDataSize,
                            java.lang.String[] lpStrings,
                            Pointer lpRawData)
        Writes an entry at the end of the specified event log.
        hEventLog - A handle to the event log. The RegisterEventSource function returns this handle. As of Windows XP with SP2, this parameter cannot be a handle to the Security log. To write an event to the Security log, use the AuthzReportSecurityEvent function.
        wType - The type of event to be logged.
        wCategory - The event category. This is source-specific information; the category can have any value.
        dwEventID - The event identifier. The event identifier specifies the entry in the message file associated with the event source.
        lpUserSid - A pointer to the current user's security identifier. This parameter can be NULL if the security identifier is not required.
        wNumStrings - The number of insert strings in the array pointed to by the lpStrings parameter. A value of zero indicates that no strings are present.
        dwDataSize - The number of bytes of event-specific raw (binary) data to write to the log. If this parameter is zero, no event-specific data is present.
        lpStrings - A pointer to a buffer containing an array of null-terminated strings that are merged into the message before Event Viewer displays the string to the user. This parameter must be a valid pointer (or NULL), even if wNumStrings is zero. Each string is limited to 31,839 characters.
        lpRawData - A pointer to the buffer containing the binary data. This parameter must be a valid pointer (or NULL), even if the dwDataSize parameter is zero.
        If the function succeeds, the return value is nonzero, indicating that the entry was written to the log. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • ClearEventLog

        boolean ClearEventLog(WinNT.HANDLE hEventLog,
                              java.lang.String lpBackupFileName)
        Clears the specified event log, and optionally saves the current copy of the log to a backup file.
        hEventLog - A handle to the event log to be cleared. The OpenEventLog function returns this handle.
        lpBackupFileName - The absolute or relative path of the backup file. If this file already exists, the function fails. If the lpBackupFileName parameter is NULL, the event log is not backed up.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError. The ClearEventLog function can fail if the event log is empty or the backup file already exists.
      • BackupEventLog

        boolean BackupEventLog(WinNT.HANDLE hEventLog,
                               java.lang.String lpBackupFileName)
        Saves the specified event log to a backup file. The function does not clear the event log.
        hEventLog - A handle to the open event log. The OpenEventLog function returns this handle.
        lpBackupFileName - The absolute or relative path of the backup file.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • OpenBackupEventLog

        WinNT.HANDLE OpenBackupEventLog(java.lang.String lpUNCServerName,
                                        java.lang.String lpFileName)
        Opens a handle to a backup event log created by the BackupEventLog function.
        lpUNCServerName - The Universal Naming Convention (UNC) name of the remote server on which this operation is to be performed. If this parameter is NULL, the local computer is used.
        lpFileName - The full path of the backup file.
        If the function succeeds, the return value is a handle to the backup event log. If the function fails, the return value is NULL. To get extended error information, call GetLastError.
      • ReadEventLog

        boolean ReadEventLog(WinNT.HANDLE hEventLog,
                             int dwReadFlags,
                             int dwRecordOffset,
                             Pointer lpBuffer,
                             int nNumberOfBytesToRead,
                             IntByReference pnBytesRead,
                             IntByReference pnMinNumberOfBytesNeeded)
        Reads the specified number of entries from the specified event log. The function can be used to read log entries in chronological or reverse chronological order.
        hEventLog - A handle to the event log to be read. The OpenEventLog function returns this handle.
        dwReadFlags - Use the following flag values to indicate how to read the log file.
        dwRecordOffset - The record number of the log-entry at which the read operation should start. This parameter is ignored unless dwReadFlags includes the EVENTLOG_SEEK_READ flag.
        lpBuffer - An application-allocated buffer that will receive one or more EVENTLOGRECORD structures. This parameter cannot be NULL, even if the nNumberOfBytesToRead parameter is zero. The maximum size of this buffer is 0x7ffff bytes.
        nNumberOfBytesToRead - The size of the lpBuffer buffer, in bytes. This function will read as many log entries as will fit in the buffer; the function will not return partial entries.
        pnBytesRead - A pointer to a variable that receives the number of bytes read by the function.
        pnMinNumberOfBytesNeeded - A pointer to a variable that receives the required size of the lpBuffer buffer. This value is valid only this function returns zero and GetLastError returns ERROR_INSUFFICIENT_BUFFER.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • GetOldestEventLogRecord

        boolean GetOldestEventLogRecord(WinNT.HANDLE hEventLog,
                                        IntByReference OldestRecord)
        The GetOldestEventLogRecord function retrieves the absolute record number of the oldest record in the specified event log.
        hEventLog - Handle to the open event log. This handle is returned by the OpenEventLog or OpenBackupEventLog function.
        OldestRecord - Pointer to a variable that receives the absolute record number of the oldest record in the specified event log.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • ChangeServiceConfig2

        boolean ChangeServiceConfig2(Winsvc.SC_HANDLE hService,
                                     int dwInfoLevel,
                                     Winsvc.ChangeServiceConfig2Info lpInfo)
        Changes the optional configuration parameters of a service.
        hService - A handle to the service. This handle is returned by the OpenService or CreateService function and must have the SERVICE_CHANGE_CONFIG access right. For more information, see Service Security and Access Rights. If the service controller handles the SC_ACTION_RESTART action, hService must have the SERVICE_START access right.
        dwInfoLevel - The configuration information to be changed.
        lpInfo - A pointer to the new value to be set for the configuration information. The format of this data depends on the value of the dwInfoLevel parameter. If this value is NULL, the information remains unchanged.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • QueryServiceConfig2

        boolean QueryServiceConfig2(Winsvc.SC_HANDLE hService,
                                    int dwInfoLevel,
                                    Pointer lpBuffer,
                                    int cbBufSize,
                                    IntByReference pcbBytesNeeded)
        Retrieves the optional configuration parameters of the specified service.
        hService - A handle to the service. This handle is returned by the OpenService or CreateService function and must have the SERVICE_QUERY_CONFIG access right. For more information, see Service Security and Access Rights.
        dwInfoLevel - The configuration information to be queried.
        lpBuffer - A pointer to the buffer that receives the service configuration information. The format of this data depends on the value of the dwInfoLevel parameter. The maximum size of this array is 8K bytes. To determine the required size, specify NULL for this parameter and 0 for the cbBufSize parameter. The function fails and GetLastError returns ERROR_INSUFFICIENT_BUFFER. The pcbBytesNeeded parameter receives the needed size.
        cbBufSize - The size of the structure pointed to by the lpBuffer parameter, in bytes.
        pcbBytesNeeded - A pointer to a variable that receives the number of bytes required to store the configuration information, if the function fails with ERROR_INSUFFICIENT_BUFFER.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • QueryServiceStatusEx

        boolean QueryServiceStatusEx(Winsvc.SC_HANDLE hService,
                                     int InfoLevel,
                                     Winsvc.SERVICE_STATUS_PROCESS lpBuffer,
                                     int cbBufSize,
                                     IntByReference pcbBytesNeeded)
        Retrieves the current status of the specified service based on the specified information level.
        hService - A handle to the service. This handle is returned by the OpenService(SC_HANDLE, String, int) or CreateService() function, and it must have the SERVICE_QUERY_STATUS access right. For more information, see Service Security and Access Rights.
        InfoLevel - The service attributes to be returned (a value from SC_STATUS_TYPE enumeration). Use SC_STATUS_PROCESS_INFO to retrieve the service status information. The lpBuffer parameter is a pointer to a SERVICE_STATUS_PROCESS structure. Currently, no other information levels are defined.
        lpBuffer - (optional) A pointer to the buffer that receives the status information. The format of this data depends on the value of the InfoLevel parameter. The maximum size of this array is 8K bytes. To determine the required size, specify NULL for this parameter and 0 for the cbBufSize parameter. The function will fail and GetLastError will return ERROR_INSUFFICIENT_BUFFER. The pcbBytesNeeded parameter will receive the required size.
        cbBufSize - The size of the buffer pointed to by the lpBuffer parameter, in bytes.
        pcbBytesNeeded - A pointer to a variable that receives the number of bytes needed to store all status information, if the function fails with ERROR_INSUFFICIENT_BUFFER.
        If the function succeeds, the return value is true. If the function fails, the return value is false. To get extended error information, call GetLastError. This value is a nonzero error code defined in Winerror.h.
      • QueryServiceStatus

        boolean QueryServiceStatus(Winsvc.SC_HANDLE hService,
                                   Winsvc.SERVICE_STATUS lpServiceStatus)
        Retrieves the current status of the specified service based on the specified information level.
        hService - A handle to the service. This handle is returned by the OpenService(SC_HANDLE, String, int) or CreateService() function, and it must have the SERVICE_QUERY_STATUS access right. For more information, see Service Security and Access Rights.
        lpServiceStatus - A pointer to a SERVICE_STATUS structure that receives the status information.
        If the function succeeds, the return value is true. If the function fails, the return value is false. To get extended error information, call GetLastError.
      • ControlService

        boolean ControlService(Winsvc.SC_HANDLE hService,
                               int dwControl,
                               Winsvc.SERVICE_STATUS lpServiceStatus)
        Sends a control code to a service. To specify additional information when stopping a service, use the ControlServiceEx function.
        hService - A handle to the service. This handle is returned by the OpenService(SC_HANDLE, String, int) or CreateService() function. The access rights required for this handle depend on the dwControl code requested.
        dwControl - This parameter can be one of the following control codes (found in Winsvc.h): SERVICE_CONTROL_STOP, SERVICE_CONTROL_PAUSE, SERVICE_CONTROL_CONTINUE SERVICE_CONTROL_INTERROGATE, SERVICE_CONTROL_PARAMCHANGE, SERVICE_CONTROL_NETBINDADD, SERVICE_CONTROL_NETBINDREMOVE, SERVICE_CONTROL_NETBINDENABLE, SERVICE_CONTROL_NETBINDDISABLE This value can also be a user-defined control code, as described below: Range 128 to 255 - The service defines the action associated with the control code. The hService handle must have the SERVICE_USER_DEFINED_CONTROL access right.
        lpServiceStatus - A pointer to a SERVICE_STATUS structure that receives the latest service status information. The information returned reflects the most recent status that the service reported to the service control manager. The service control manager fills in the structure only when ControlService returns one of the following error codes: NO_ERROR, ERROR_INVALID_SERVICE_CONTROL, ERROR_SERVICE_CANNOT_ACCEPT_CTRL, or ERROR_SERVICE_NOT_ACTIVE. Otherwise, the structure is not filled in.
        If the function succeeds, the return value is true. If the function fails, the return value is false. To get extended error information, call GetLastError. This value is a nonzero error code defined in Winerror.h.
      • StartService

        boolean StartService(Winsvc.SC_HANDLE hService,
                             int dwNumServiceArgs,
                             java.lang.String[] lpServiceArgVectors)
        Starts a service.
        hService - A handle to the service. This handle is returned by the OpenService(SC_HANDLE, String, int) or CreateService() function, and it must have the SERVICE_START access right. For more information, see Service Security and Access Rights.
        dwNumServiceArgs - The number of strings in the lpServiceArgVectors array. If lpServiceArgVectors is NULL, this parameter can be zero.
        lpServiceArgVectors - The null-terminated strings to be passed to the ServiceMain function for the service as arguments. If there are no arguments, this parameter can be null. Otherwise, the first argument (lpServiceArgVectors[0]) is the name of the service, followed by any additional arguments (lpServiceArgVectors[1] through lpServiceArgVectors[dwNumServiceArgs-1]). Driver services do not receive these arguments.
        If the function succeeds, the return value is true. If the function fails, the return value is false. To get extended error information, call GetLastError. This value is a nonzero error code defined in Winerror.h.
      • CloseServiceHandle

        boolean CloseServiceHandle(Winsvc.SC_HANDLE hSCObject)
        Closes a handle to a service control manager or service object.
        hSCObject - A handle to the service control manager object or the service object to close. Handles to service control manager objects are returned by the OpenSCManager(String, String, int) function, and handles to service objects are returned by either the OpenService(SC_HANDLE, String, int) or CreateService() function.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError. This value is a nonzero error code defined in Winerror.h.
      • OpenService

        Winsvc.SC_HANDLE OpenService(Winsvc.SC_HANDLE hSCManager,
                                     java.lang.String lpServiceName,
                                     int dwDesiredAccess)
        Opens an existing service.
        hSCManager - A handle to the service control manager database. The OpenSCManager(String, String, int) function returns this handle.
        lpServiceName - The name of the service to be opened. This is the name specified by the lpServiceName parameter of the CreateService function when the service object was created, not the service display name that is shown by user interface applications to identify the service. The maximum string length is 256 characters. The service control manager database preserves the case of the characters, but service name comparisons are always case insensitive. Forward-slash (/) and backslash (\) are invalid service name characters.
        dwDesiredAccess - The access to the service. For a list of access rights, see Service Security and Access Rights. Before granting the requested access, the system checks the access token of the calling process against the discretionary access-control list of the security descriptor associated with the service object.
        If the function succeeds, the return value is a handle to the service. If the function fails, the return value is NULL. To get extended error information, call GetLastError. This value is a nonzero error code defined in Winerror.h.
      • OpenSCManager

        Winsvc.SC_HANDLE OpenSCManager(java.lang.String lpMachineName,
                                       java.lang.String lpDatabaseName,
                                       int dwDesiredAccess)
        Establishes a connection to the service control manager on the specified computer and opens the specified service control manager database.
        lpMachineName - The name of the target computer. If the pointer is NULL or points to an empty string, the function connects to the service control manager on the local computer.
        lpDatabaseName - The name of the service control manager database. This parameter should be set to SERVICES_ACTIVE_DATABASE. If it is NULL, the SERVICES_ACTIVE_DATABASE database is opened by default.
        dwDesiredAccess - The access to the service control manager. For a list of access rights, see Service Security and Access Rights. Before granting the requested access rights, the system checks the access token of the calling process against the discretionary access-control list of the security descriptor associated with the service control manager. The SC_MANAGER_CONNECT access right is implicitly specified by calling this function.
        If the function succeeds, the return value is a handle to the specified service control manager database. If the function fails, the return value is NULL. To get extended error information, call GetLastError. This value is a nonzero error code defined in Winerror.h.
      • EnumDependentServices

        boolean EnumDependentServices(Winsvc.SC_HANDLE hService,
                                      int dwServiceState,
                                      Pointer lpService,
                                      int cbBufSize,
                                      IntByReference pcbBytesNeeded,
                                      IntByReference lpServicesReturned)
        Retrieves the name and status of each service that depends on the specified service; that is, the specified service must be running before the dependent services can run.
        hService - A handle to the service. This handle is returned by the OpenService or CreateService function, and it must have the SERVICE_ENUMERATE_DEPENDENTS access right. For more information, see Service Security and Access Rights.
        dwServiceState - The state of the services to be enumerated. This parameter can be one of the following values.
        Winsvc.SERVICE_ACTIVEEnumerates services that are in the following states: Winsvc.SERVICE_START_PENDING, Winsvc.SERVICE_STOP_PENDING, Winsvc.SERVICE_RUNNING, Winsvc.SERVICE_CONTINUE_PENDING, Winsvc.SERVICE_PAUSE_PENDING, and Winsvc.SERVICE_PAUSED.
        Winsvc.SERVICE_INACTIVEEnumerates services that are in the Winsvc.SERVICE_STOPPED state.
        Winsvc.SERVICE_STATE_ALLCombines the following states: Winsvc.SERVICE_ACTIVE and Winsvc.SERVICE_INACTIVE.
        lpService - A pointer to an array of ENUM_SERVICE_STATUS structures that receives the name and service status information for each dependent service in the database. The buffer must be large enough to hold the structures, plus the strings to which their members point.

        The order of the services in this array is the reverse of the start order of the services. In other words, the first service in the array is the one that would be started last, and the last service in the array is the one that would be started first.

        The maximum size of this array is 64,000 bytes. To determine the required size, specify NULL for this parameter and 0 for the cbBufSize parameter. The function will fail and GetLastError will return ERROR_MORE_DATA. The pcbBytesNeeded parameter will receive the required size.

        cbBufSize - The size of the buffer pointed to by the lpServices parameter, in bytes.
        pcbBytesNeeded - A pointer to a variable that receives the number of bytes needed to store the array of service entries. The variable only receives this value if the buffer pointed to by lpServices is too small, indicated by function failure and the ERROR_MORE_DATA error; otherwise, the contents of pcbBytesNeeded are undefined.
        lpServicesReturned - A pointer to a variable that receives the number of service entries returned.
        If the function succeeds, the return value is nonzero.

        If the function fails, the return value is zero. To get extended error information, call GetLastError.

        The following error codes may be set by the service control manager. Other error codes may be set by the registry functions that are called by the service control manager.

        Return codeDescription
        WinError.ERROR_ACCESS_DENIEDThe handle does not have the Winsvc.SERVICE_ENUMERATE_DEPENDENTS access right.
        WinError.ERROR_INVALID_HANDLEThe specified handle is invalid.
        WinError.ERROR_INVALID_PARAMETERA parameter that was specified is invalid.
        WinError.ERROR_MORE_DATAThe buffer pointed to by lpServices is not large enough. The function sets the variable pointed to by lpServicesReturned to the actual number of service entries stored into the buffer. The function sets the variable pointed to by pcbBytesNeeded to the number of bytes required to store all of the service entries.
      • CreateProcessAsUser

        boolean CreateProcessAsUser(WinNT.HANDLE hToken,
                                    java.lang.String lpApplicationName,
                                    java.lang.String lpCommandLine,
                                    WinBase.SECURITY_ATTRIBUTES lpProcessAttributes,
                                    WinBase.SECURITY_ATTRIBUTES lpThreadAttributes,
                                    boolean bInheritHandles,
                                    int dwCreationFlags,
                                    java.lang.String lpEnvironment,
                                    java.lang.String lpCurrentDirectory,
                                    WinBase.STARTUPINFO lpStartupInfo,
                                    WinBase.PROCESS_INFORMATION lpProcessInformation)
        Creates a new process and its primary thread. The new process runs in the security context of the user represented by the specified token. Typically, the process that calls the CreateProcessAsUser function must have the SE_INCREASE_QUOTA_NAME privilege and may require the SE_ASSIGNPRIMARYTOKEN_NAME privilege if the token is not assignable. If this function fails with ERROR_PRIVILEGE_NOT_HELD (1314), use the CreateProcessWithLogonW function instead. CreateProcessWithLogonW requires no special privileges, but the specified user account must be allowed to log on interactively. Generally, it is best to use CreateProcessWithLogonW to create a process with alternate credentials.
        hToken - A handle to the primary token that represents a user.
        lpApplicationName - The name of the module to be executed.
        lpCommandLine - The command line to be executed.
        lpProcessAttributes - A pointer to a SECURITY_ATTRIBUTES structure that specifies a security descriptor for the new process object and determines whether child processes can inherit the returned handle to the process.
        lpThreadAttributes - A pointer to a SECURITY_ATTRIBUTES structure that specifies a security descriptor for the new thread object and determines whether child processes can inherit the returned handle to the thread.
        bInheritHandles - If this parameter is TRUE, each inheritable handle in the calling process is inherited by the new process. If the parameter is FALSE, the handles are not inherited. Note that inherited handles have the same value and access rights as the original handles.
        dwCreationFlags - The flags that control the priority class and the creation of the process. For a list of values, see Process Creation Flags.
        lpEnvironment - A pointer to an environment block for the new process. If this parameter is NULL, the new process uses the environment of the calling process. An environment block consists of a null-terminated block of null-terminated strings. Each string is in the following form: name=value\0
        lpCurrentDirectory - The full path to the current directory for the process. The string can also specify a UNC path.
        lpStartupInfo - A pointer to a STARTUPINFO or STARTUPINFOEX structure.
        lpProcessInformation - A pointer to a PROCESS_INFORMATION structure that receives identification information about the new process.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • AdjustTokenPrivileges

        boolean AdjustTokenPrivileges(WinNT.HANDLE TokenHandle,
                                      boolean DisableAllPrivileges,
                                      WinNT.TOKEN_PRIVILEGES NewState,
                                      int BufferLength,
                                      WinNT.TOKEN_PRIVILEGES PreviousState,
                                      IntByReference ReturnLength)
        The AdjustTokenPrivileges function enables or disables privileges in the specified access token. Enabling or disabling privileges in an access token requires TOKEN_ADJUST_PRIVILEGES access.
        TokenHandle - A handle to the access token that contains the privileges to be modified.
        DisableAllPrivileges - Specifies whether the function disables all of the token's privileges.
        NewState - A pointer to a TOKEN_PRIVILEGES structure that specifies an array of privileges and their attributes.
        BufferLength - Specifies the size, in bytes, of the buffer pointed to by the PreviousState parameter. This parameter can be zero if the PreviousState parameter is NULL.
        PreviousState - A pointer to a buffer that the function fills with a TOKEN_PRIVILEGES structure that contains the previous state of any privileges that the function modifies.
        ReturnLength - A pointer to a variable that receives the required size, in bytes, of the buffer pointed to by the PreviousState parameter.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • LookupPrivilegeName

        boolean LookupPrivilegeName(java.lang.String lpSystemName,
                                    WinNT.LUID lpLuid,
                                    char[] lpName,
                                    IntByReference cchName)
        The LookupPrivilegeName function retrieves the name that corresponds to the privilege represented on a specific system by a specified locally unique identifier (LUID).
        lpSystemName - A pointer to a null-terminated string that specifies the name of the system on which the privilege name is retrieved. If a null string is specified, the function attempts to find the privilege name on the local system.
        lpLuid - A pointer to the LUID by which the privilege is known on the target system.
        lpName - A pointer to a buffer that receives a null-terminated string that represents the privilege name. For example, this string could be "SeSecurityPrivilege".
        cchName - A pointer to a variable that specifies the size, in a TCHAR value, of the lpName buffer.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • LookupPrivilegeValue

        boolean LookupPrivilegeValue(java.lang.String lpSystemName,
                                     java.lang.String lpName,
                                     WinNT.LUID lpLuid)
        The LookupPrivilegeValue function retrieves the locally unique identifier (LUID) used on a specified system to locally represent the specified privilege name.
        lpSystemName - A pointer to a null-terminated string that specifies the name of the system on which the privilege name is retrieved. If a null string is specified, the function attempts to find the privilege name on the local system.
        lpName - A pointer to a null-terminated string that specifies the name of the privilege, as defined in the Winnt.h header file. For example, this parameter could specify the constant, SE_SECURITY_NAME, or its corresponding string, "SeSecurityPrivilege".
        lpLuid - A pointer to a variable that receives the LUID by which the privilege is known on the system specified by the lpSystemName parameter.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • GetFileSecurity

        boolean GetFileSecurity(java.lang.String lpFileName,
                                int RequestedInformation,
                                Pointer pointer,
                                int nLength,
                                IntByReference lpnLengthNeeded)
        The function obtains specified information about the security of a file or directory. The information obtained is constrained by the caller's access rights and privileges.
        lpFileName - A pointer to a null-terminated string that specifies the file or directory for which security information is retrieved.
        RequestedInformation - A SECURITY_INFORMATION value that identifies the security information being requested. See WinNT *_SECURITY_INFORMATION
        pointer - A pointer to a buffer that receives a copy of the security descriptor of the object specified by the lpFileName parameter. The calling process must have permission to view the specified aspects of the object's security status. The SECURITY_DESCRIPTOR structure is returned in self-relative format.
        nLength - Specifies the size, in bytes, of the buffer pointed to by the pSecurityDescriptor parameter.
        lpnLengthNeeded - A pointer to the variable that receives the number of bytes necessary to store the complete security descriptor. If the returned number of bytes is less than or equal to nLength, the entire security descriptor is returned in the output buffer; otherwise, none of the descriptor is returned.
        whether the call succeeded
      • SetFileSecurity

        boolean SetFileSecurity(java.lang.String lpFileName,
                                int SecurityInformation,
                                Pointer pSecurityDescriptor)
        The SetFileSecurity function sets the security of a file or directory object. This function is obsolete. Use the SetNamedSecurityInfo function instead.
        lpFileName - A pointer to a null-terminated string that specifies the file or directory for which security is set. Note that security applied to a directory is not inherited by its children.
        SecurityInformation - Specifies a SECURITY_INFORMATION structure that identifies the contents of the security descriptor pointed to by the pSecurityDescriptor parameter.
        pSecurityDescriptor - A pointer to a SECURITY_DESCRIPTOR structure.
        If the function succeeds, the function returns nonzero. If the function fails, it returns zero. To get extended error information, call GetLastError.
      • GetSecurityInfo

        int GetSecurityInfo(WinNT.HANDLE handle,
                            int ObjectType,
                            int SecurityInfo,
                            PointerByReference ppsidOwner,
                            PointerByReference ppsidGroup,
                            PointerByReference ppDacl,
                            PointerByReference ppSacl,
                            PointerByReference ppSecurityDescriptor)
        The GetSecurityInfo function retrieves a copy of the security descriptor for an object specified by a handle.
        handle - [in] A handle to the object from which to retrieve security information.
        ObjectType - [in] SE_OBJECT_TYPE enumeration value that indicates the type of object.
        SecurityInfo - [in] A set of bit flags that indicate the type of security information to retrieve. See WinNT *_SECURITY_INFORMATION
        ppsidOwner - [out, optional] A pointer to a variable that receives a pointer to the owner SID in the security descriptor returned in ppSecurityDescriptor. The returned pointer is valid only if you set the OWNER_SECURITY_INFORMATION flag. This parameter can be NULL if you do not need the owner SID.
        ppsidGroup - [in, optional] A pointer to a variable that receives a pointer to the primary group SID in the returned security descriptor. The returned pointer is valid only if you set the GROUP_SECURITY_INFORMATION flag. This parameter can be NULL if you do not need the group SID.
        ppDacl - [in, optional] A pointer to a variable that receives a pointer to the DACL in the returned security descriptor. The returned pointer is valid only if you set the DACL_SECURITY_INFORMATION flag. This parameter can be NULL if you do not need the DACL.
        ppSacl - [in, optional] A pointer to a variable that receives a pointer to the SACL in the returned security descriptor. The returned pointer is valid only if you set the SACL_SECURITY_INFORMATION flag. This parameter can be NULL if you do not need the SACL.
        ppSecurityDescriptor - A pointer to a variable that receives a pointer to the security descriptor of the object. When you have finished using the pointer, free the returned buffer by calling the LocalFree function. This parameter is required if any one of the ppsidOwner, ppsidGroup, ppDacl, or ppSacl parameters is not NULL.
        whether the call succeeded. A nonzero return is a failure.


        1. If the ppsidOwner, ppsidGroup, ppDacl, and ppSacl parameters are non-NULL, and the SecurityInfo parameter specifies that they be retrieved from the object, those parameters will point to the corresponding parameters in the security descriptor returned in ppSecurityDescriptor.

        2. To read the owner, group, or DACL from the object's security descriptor, the calling process must have been granted READ_CONTROL access when the handle was opened. To get READ_CONTROL access, the caller must be the owner of the object or the object's DACL must grant the access.

        3. To read the SACL from the security descriptor, the calling process must have been granted ACCESS_SYSTEM_SECURITY access when the handle was opened. The proper way to get this access is to enable the SE_SECURITY_NAME privilege in the caller's current token, open the handle for ACCESS_SYSTEM_SECURITY access, and then disable the privilege.

        4. If the supplied handle was opened with an ACCESS_MASK value of MAXIMUM_ALLOWED, then the SetSecurityInfo function will not propagate ACEs to children.

      • SetSecurityInfo

        int SetSecurityInfo(WinNT.HANDLE handle,
                            int ObjectType,
                            int SecurityInfo,
                            Pointer ppsidOwner,
                            Pointer ppsidGroup,
                            Pointer ppDacl,
                            Pointer ppSacl)
        The SetSecurityInfo function sets specified security information in the security descriptor of a specified object. The caller identifies the object by a handle.
        handle - [in] A handle to the object for which to set security information.
        ObjectType - [in] A value of the SE_OBJECT_TYPE enumeration that indicates the type of object named by the pObjectName parameter.
        SecurityInfo - [in] A set of bit flags that indicate the type of security information to set. See WinNT *_SECURITY_INFORMATION
        ppsidOwner - [in, optional] A pointer to a SID structure that identifies the owner of the object. If the caller does not have the SeRestorePrivilege constant (see Privilege Constants), this SID must be contained in the caller's token, and must have the SE_GROUP_OWNER permission enabled. The SecurityInfo parameter must include the OWNER_SECURITY_INFORMATION flag. To set the owner, the caller must have WRITE_OWNER access to the object or have the SE_TAKE_OWNERSHIP_NAME privilege enabled. If you are not setting the owner SID, this parameter can be NULL.
        ppsidGroup - [in, optional] A pointer to a SID that identifies the primary group of the object. The SecurityInfo parameter must include the GROUP_SECURITY_INFORMATION flag. If you are not setting the primary group SID, this parameter can be NULL.
        ppDacl - [in, optional] A pointer to the new DACL for the object. The SecurityInfo parameter must include the DACL_SECURITY_INFORMATION flag. The caller must have WRITE_DAC access to the object or be the owner of the object. If you are not setting the DACL, this parameter can be NULL.
        ppSacl - [in, optional] A pointer to the new SACL for the object. The SecurityInfo parameter must include any of the following flags: SACL_SECURITY_INFORMATION, LABEL_SECURITY_INFORMATION, ATTRIBUTE_SECURITY_INFORMATION, SCOPE_SECURITY_INFORMATION, or BACKUP_SECURITY_INFORMATION. If setting SACL_SECURITY_INFORMATION or SCOPE_SECURITY_INFORMATION, the caller must have the SE_SECURITY_NAME privilege enabled. If you are not setting the SACL, this parameter can be NULL.
        whether the call succeeded. A nonzero return is a failure.


        1. If you are setting the discretionary access control list (DACL) or any elements in the system access control list (SACL) of an object, the system automatically propagates any inheritable access control entries (ACEs) to existing child objects, according to the ACE inheritance rules.

        2. The SetSecurityInfo function does not reorder access-allowed or access-denied ACEs based on the preferred order. When propagating inheritable ACEs to existing child objects, SetSecurityInfo puts inherited ACEs in order after all of the noninherited ACEs in the DACLs of the child objects.

        3. If share access to the children of the object is not available, this function will not propagate unprotected ACEs to the children. For example, if a directory is opened with exclusive access, the operating system will not propagate unprotected ACEs to the subdirectories or files of that directory when the security on the directory is changed.

        4. If the supplied handle was opened with an ACCESS_MASK value of MAXIMUM_ALLOWED, then the SetSecurityInfo function will not propagate ACEs to children.

      • GetNamedSecurityInfo

        int GetNamedSecurityInfo(java.lang.String pObjectName,
                                 int ObjectType,
                                 int SecurityInfo,
                                 PointerByReference ppsidOwner,
                                 PointerByReference ppsidGroup,
                                 PointerByReference ppDacl,
                                 PointerByReference ppSacl,
                                 PointerByReference ppSecurityDescriptor)
        The GetNamedSecurityInfo function retrieves a copy of the security descriptor for an object specified by name
        pObjectName - A pointer to a that specifies the name of the object from which to retrieve security information. For descriptions of the string formats for the different object types, see SE_OBJECT_TYPE.
        ObjectType - Specifies a value from the SE_OBJECT_TYPE enumeration that indicates the type of object named by the pObjectName parameter.
        SecurityInfo - A set of bit flags that indicate the type of security information to retrieve. See WinNT *_SECURITY_INFORMATION
        ppsidOwner - [out, optional] A pointer to a variable that receives a pointer to the owner SID in the security descriptor returned in ppSecurityDescriptor or NULL if the security descriptor has no owner SID. The returned pointer is valid only if you set the OWNER_SECURITY_INFORMATION flag. Also, this parameter can be NULL if you do not need the owner SID.
        ppsidGroup - [out, optional] A pointer to a variable that receives a pointer to the primary group SID in the returned security descriptor or NULL if the security descriptor has no group SID. The returned pointer is valid only if you set the GROUP_SECURITY_INFORMATION flag. Also, this parameter can be NULL if you do not need the group SID.
        ppDacl - [out, optional] A pointer to a variable that receives a pointer to the DACL in the returned security descriptor or NULL if the security descriptor has no DACL. The returned pointer is valid only if you set the DACL_SECURITY_INFORMATION flag. Also, this parameter can be NULL if you do not need the DACL.
        ppSacl - [out, optional] A pointer to a variable that receives a pointer to the SACL in the returned security descriptor or NULL if the security descriptor has no SACL. The returned pointer is valid only if you set the SACL_SECURITY_INFORMATION flag. Also, this parameter can be NULL if you do not need the SACL.
        ppSecurityDescriptor - A pointer to a variable that receives a pointer to the security descriptor of the object. When you have finished using the pointer, free the returned buffer by calling the LocalFree function. This parameter is required if any one of the ppsidOwner, ppsidGroup, ppDacl, or ppSacl parameters is not NULL.
        whether the call succeeded. A nonzero return is a failure. NOTES: 1. To read the owner, group, or DACL from the object's security descriptor, the object's DACL must grant READ_CONTROL access to the caller, or the caller must be the owner of the object. 2. To read the system access control list of the object, the SE_SECURITY_NAME privilege must be enabled for the calling process. For information about the security implications of enabling privileges, see Running with Special Privileges.
      • SetNamedSecurityInfo

        int SetNamedSecurityInfo(java.lang.String pObjectName,
                                 int ObjectType,
                                 int SecurityInfo,
                                 Pointer ppsidOwner,
                                 Pointer ppsidGroup,
                                 Pointer ppDacl,
                                 Pointer ppSacl)
        The SetNamedSecurityInfo function sets specified security information in the security descriptor of a specified object. The caller identifies the object by name.
        pObjectName - [in] A pointer to a string that specifies the name of the object for which to set security information. This can be the name of a local or remote file or directory on an NTFS file system, network share, registry key, semaphore, event, mutex, file mapping, or waitable timer. * For descriptions of the string formats for the different object types, see SE_OBJECT_TYPE.
        ObjectType - [in] A value of the SE_OBJECT_TYPE enumeration that indicates the type of object named by the pObjectName parameter.
        SecurityInfo - [in] A set of bit flags that indicate the type of security information to set. See WinNT *_SECURITY_INFORMATION
        ppsidOwner - [in, optional] A pointer to a SID structure that identifies the owner of the object. If the caller does not have the SeRestorePrivilege constant (see Privilege Constants), this SID must be contained in the caller's token, and must have the SE_GROUP_OWNER permission enabled. The SecurityInfo parameter must include the OWNER_SECURITY_INFORMATION flag. To set the owner, the caller must have WRITE_OWNER access to the object or have the SE_TAKE_OWNERSHIP_NAME privilege enabled. If you are not setting the owner SID, this parameter can be NULL.
        ppsidGroup - [in, optional] A pointer to a SID that identifies the primary group of the object. The SecurityInfo parameter must include the GROUP_SECURITY_INFORMATION flag. If you are not setting the primary group SID, this parameter can be NULL.
        ppDacl - [in, optional] A pointer to the new DACL for the object. The SecurityInfo parameter must include the DACL_SECURITY_INFORMATION flag. The caller must have WRITE_DAC access to the object or be the owner of the object. If you are not setting the DACL, this parameter can be NULL.
        ppSacl - [in, optional] A pointer to the new SACL for the object. The SecurityInfo parameter must include any of the following flags: SACL_SECURITY_INFORMATION, LABEL_SECURITY_INFORMATION, ATTRIBUTE_SECURITY_INFORMATION, SCOPE_SECURITY_INFORMATION, or BACKUP_SECURITY_INFORMATION. If setting SACL_SECURITY_INFORMATION or SCOPE_SECURITY_INFORMATION, the caller must have the SE_SECURITY_NAME privilege enabled. If you are not setting the SACL, this parameter can be NULL.
        whether the call succeeded. A nonzero return is a failure. NOTES: 1. The SetNamedSecurityInfo function does not reorder access-allowed or access-denied ACEs based on the preferred order. When propagating inheritable ACEs to existing child objects, SetNamedSecurityInfo puts inherited ACEs in order after all of the noninherited ACEs in the DACLs of the child objects. 2. This function transfers information in plaintext. The information transferred by this function is signed unless signing has been turned off for the system, but no encryption is performed. 3. When you update access rights of a folder indicated by an UNC path, for example \\Test\TestFolder, the original inherited ACE is removed and the full volume path is not included.
      • GetSecurityDescriptorLength

        int GetSecurityDescriptorLength(Pointer ppSecurityDescriptor)
        The GetSecurityDescriptorLength function returns the length, in bytes, of a structurally valid security descriptor. The length includes the length of all associated structures.
        ppSecurityDescriptor - A pointer to the SECURITY_DESCRIPTOR structure whose length the function returns. The pointer is assumed to be valid.
        If the function succeeds, the function returns the length, in bytes, of the SECURITY_DESCRIPTOR structure. If the SECURITY_DESCRIPTOR structure is not valid, the return value is undefined.
      • IsValidSecurityDescriptor

        boolean IsValidSecurityDescriptor(Pointer ppSecurityDescriptor)
        The IsValidSecurityDescriptor function determines whether the components of a security descriptor are valid.
        ppSecurityDescriptor - [in] A pointer to a SECURITY_DESCRIPTOR structure that the function validates.
        If the components of the security descriptor are valid, the return value is nonzero.
      • MakeSelfRelativeSD

        boolean MakeSelfRelativeSD(WinNT.SECURITY_DESCRIPTOR pAbsoluteSD,
                                   WinNT.SECURITY_DESCRIPTOR_RELATIVE pSelfRelativeSD,
                                   IntByReference lpdwBufferLength)
        A pointer to a SECURITY_DESCRIPTOR structure in absolute format. The function creates a version of this security descriptor in self-relative format without modifying the original.
        pAbsoluteSD - A pointer to a SECURITY_DESCRIPTOR structure in absolute format. The function creates a version of this security descriptor in self-relative format without modifying the original.
        pSelfRelativeSD - A pointer to a buffer the function fills with a security descriptor in self-relative format.
        lpdwBufferLength - A pointer to a variable specifying the size of the buffer pointed to by the pSelfRelativeSD parameter. If the buffer is not large enough for the security descriptor, the function fails and sets this variable to the minimum required size.
        If the function succeeds, the function returns nonzero. If the function fails, it returns zero. To get extended error information, call GetLastError. Possible return codes include, but are not limited to, the following: ERROR_INSUFFICIENT_BUFFER - One or more of the buffers is too small.
      • MakeAbsoluteSD

        boolean MakeAbsoluteSD(WinNT.SECURITY_DESCRIPTOR_RELATIVE pSelfRelativeSD,
                               WinNT.SECURITY_DESCRIPTOR pAbsoluteSD,
                               IntByReference lpdwAbsoluteSDSize,
                               WinNT.ACL pDacl,
                               IntByReference lpdwDaclSize,
                               WinNT.ACL pSacl,
                               IntByReference lpdwSaclSize,
                               WinNT.PSID pOwner,
                               IntByReference lpdwOwnerSize,
                               WinNT.PSID pPrimaryGroup,
                               IntByReference lpdwPrimaryGroupSize)
        The MakeAbsoluteSD function creates a security descriptor in absolute format by using a security descriptor in self-relative format as a template.
        pSelfRelativeSD - A pointer to a SECURITY_DESCRIPTOR structure in self-relative format. The function creates an absolute-format version of this security descriptor without modifying the original security descriptor.
        pAbsoluteSD - A pointer to a buffer that the function fills with the main body of an absolute-format security descriptor. This information is formatted as a SECURITY_DESCRIPTOR structure.
        lpdwAbsoluteSDSize - A pointer to a variable that specifies the size of the buffer pointed to by the pAbsoluteSD parameter. If the buffer is not large enough for the security descriptor, the function fails and sets this variable to the minimum required size.
        pDacl - A pointer to a buffer the function fills with the discretionary access control list (DACL) of the absolute-format security descriptor. The main body of the absolute-format security descriptor references this pointer.
        lpdwDaclSize - A pointer to a variable that specifies the size of the buffer pointed to by the pDacl parameter. If the buffer is not large enough for the access control list (ACL), the function fails and sets this variable to the minimum required size.
        pSacl - A pointer to a buffer the function fills with the system access control list (SACL) of the absolute-format security descriptor. The main body of the absolute-format security descriptor references this pointer.
        lpdwSaclSize - A pointer to a variable that specifies the size of the buffer pointed to by the pSacl parameter. If the buffer is not large enough for the ACL, the function fails and sets this variable to the minimum required size.
        pOwner - A pointer to a buffer the function fills with the security identifier (SID) of the owner of the absolute-format security descriptor. The main body of the absolute-format security descriptor references this pointer.
        lpdwOwnerSize - A pointer to a variable that specifies the size of the buffer pointed to by the pOwner parameter. If the buffer is not large enough for the SID, the function fails and sets this variable to the minimum required size.
        pPrimaryGroup - A pointer to a buffer the function fills with the SID of the absolute-format security descriptor's primary group. The main body of the absolute-format security descriptor references this pointer.
        lpdwPrimaryGroupSize - A pointer to a variable that specifies the size of the buffer pointed to by the pPrimaryGroup parameter. If the buffer is not large enough for the SID, the function fails and sets this variable to the minimum required size.
        If the function succeeds, the function returns nonzero. If the function fails, it returns zero. To get extended error information, call GetLastError. Possible return codes include, but are not limited to, the following: ERROR_INSUFFICIENT_BUFFER - One or more of the buffers is too small.
      • IsValidAcl

        boolean IsValidAcl(Pointer pAcl)
        The IsValidAcl function validates an access control list (ACL).
        pAcl - [in] A pointer to an ACL structure validated by this function. This value must not be NULL.
        If the ACL is valid, the function returns nonzero. If the ACL is not valid, the function returns zero. There is no extended error information for this function; do not call GetLastError. This function checks the revision level of the ACL and verifies that the number of access control entries (ACEs) specified in the AceCount member of the ACL structure fits the space specified by the AclSize member of the ACL structure.If pAcl is NULL, the application will fail with an access violation.
      • MapGenericMask

        void MapGenericMask(WinDef.DWORDByReference AccessMask,
                            WinNT.GENERIC_MAPPING GenericMapping)
        Applies the given mapping of generic access rights to the given access mask.
        AccessMask - [in, out] A pointer to an access mask.
        GenericMapping - [in] A pointer to a GENERIC_MAPPING structure specifying a mapping of generic access types to specific and standard access types.
      • AccessCheck

        boolean AccessCheck(Pointer pSecurityDescriptor,
                            WinNT.HANDLE ClientToken,
                            WinDef.DWORD DesiredAccess,
                            WinNT.GENERIC_MAPPING GenericMapping,
                            WinNT.PRIVILEGE_SET PrivilegeSet,
                            WinDef.DWORDByReference PrivilegeSetLength,
                            WinDef.DWORDByReference GrantedAccess,
                            WinDef.BOOLByReference AccessStatus)
        Check if the if the security descriptor grants access to the given client token.
        pSecurityDescriptor - [in] A pointer to a SECURITY_DESCRIPTOR structure against which access is checked.
        ClientToken - [in] A handle to an impersonation token that represents the client that is attempting to gain access. The handle must have TOKEN_QUERY access to the token; otherwise, the function fails with ERROR_ACCESS_DENIED.
        DesiredAccess - [in] Access mask that specifies the access rights to check. This mask must have been mapped by the MapGenericMask function to contain no generic access rights.
        If this parameter is MAXIMUM_ALLOWED, the function sets the GrantedAccess access mask to indicate the maximum access rights the security descriptor allows the client.
        GenericMapping - [in] A pointer to the GENERIC_MAPPING structure associated with the object for which access is being checked.
        PrivilegeSet - [out, optional] A pointer to a PRIVILEGE_SET structure that receives the privileges used to perform the access validation. If no privileges were used, the function sets the PrivilegeCount member to zero.
        PrivilegeSetLength - [in, out] Specifies the size, in bytes, of the buffer pointed to by the PrivilegeSet parameter.
        GrantedAccess - [out] A pointer to an access mask that receives the granted access rights. If AccessStatus is set to FALSE, the function sets the access mask to zero. If the function fails, it does not set the access mask.
        AccessStatus - [out] A pointer to a variable that receives the results of the access check. If the security descriptor allows the requested access rights to the client identified by the access token, AccessStatus is set to TRUE. Otherwise, AccessStatus is set to FALSE, and you can call GetLastError to get extended error information.
        true on success; false on failure (use GetLastError to get extended error information)
      • EncryptFile

        boolean EncryptFile(java.lang.String lpFileName)
        Encrypts a file or directory. All data streams in a file are encrypted. All new files created in an encrypted directory are encrypted.
        lpFileName - The name of the file or directory to be encrypted.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • DecryptFile

        boolean DecryptFile(java.lang.String lpFileName,
                            WinDef.DWORD dwReserved)
        Decrypts an encrypted file or directory.
        lpFileName - The name of the file or directory to be decrypted.
        dwReserved - Reserved; must be zero.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • FileEncryptionStatus

        boolean FileEncryptionStatus(java.lang.String lpFileName,
                                     WinDef.DWORDByReference lpStatus)
        Retrieves the encryption status of the specified file.
        lpFileName - The name of the file.
        lpStatus - A pointer to a variable that receives the encryption status of the file.
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • EncryptionDisable

        boolean EncryptionDisable(java.lang.String DirPath,
                                  boolean Disable)
        Disables or enables encryption of the specified directory and the files in it. It does not affect encryption of subdirectories below the indicated directory.
        DirPath - The name of the directory for which to enable or disable encryption.
        Disable - Indicates whether to disable encryption (TRUE) or enable it (FALSE).
        If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.
      • OpenEncryptedFileRaw

        int OpenEncryptedFileRaw(java.lang.String lpFileName,
                                 WinDef.ULONG ulFlags,
                                 PointerByReference pvContext)
        Opens an encrypted file in order to backup (export) or restore (import) the file. This is one of a group of Encrypted File System (EFS) functions that is intended to implement backup and restore functionality, while maintaining files in their encrypted state.
        lpFileName - The name of the file to be opened. The string must consist of characters from the Windows character set.
        ulFlags - The operation to be performed.
        pvContext - The address of a context block that must be presented in subsequent calls to ReadEncryptedFileRaw, WriteEncryptedFileRaw, or CloseEncryptedFileRaw. Do not modify it.
        If the function succeeds, it returns ERROR_SUCCESS. If the function fails, it returns a nonzero error code defined in WinError.h. You can use FormatMessage with the FORMAT_MESSAGE_FROM_SYSTEM flag to get a generic text description of the error.
      • ReadEncryptedFileRaw

        int ReadEncryptedFileRaw(WinBase.FE_EXPORT_FUNC pfExportCallback,
                                 Pointer pvCallbackContext,
                                 Pointer pvContext)
        Backs up (export) encrypted files. This is one of a group of Encrypted File System (EFS) functions that is intended to implement backup and restore functionality, while maintaining files in their encrypted state.
        pfExportCallback - A pointer to the export callback function. The system calls the callback function multiple times, each time passing a block of the file's data to the callback function until the entire file has been read. For more information, see ExportCallback.
        pvCallbackContext - A pointer to an application-defined and allocated context block. The system passes this pointer to the callback function as a parameter so that the callback function can have access to application-specific data. This can be a structure and can contain any data the application needs, such as the handle to the file that will contain the backup copy of the encrypted file.
        pvContext - A pointer to a system-defined context block. The context block is returned by the OpenEncryptedFileRaw function. Do not modify it.
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, it returns a nonzero error code defined in WinError.h. You can use FormatMessage with the FORMAT_MESSAGE_FROM_SYSTEM flag to get a generic text description of the error.
      • WriteEncryptedFileRaw

        int WriteEncryptedFileRaw(WinBase.FE_IMPORT_FUNC pfImportCallback,
                                  Pointer pvCallbackContext,
                                  Pointer pvContext)
        Restores (import) encrypted files. This is one of a group of Encrypted File System (EFS) functions that is intended to implement backup and restore functionality, while maintaining files in.
        pfImportCallback - A pointer to the import callback function. The system calls the callback function multiple times, each time passing a buffer that will be filled by the callback function with a portion of backed-up file's data. When the callback function signals that the entire file has been processed, it tells the system that the restore operation is finished. For more information, see ImportCallback.
        pvCallbackContext - A pointer to an application-defined and allocated context block. The system passes this pointer to the callback function as a parameter so that the callback function can have access to application-specific data. This can be a structure and can contain any data the application needs, such as the handle to the file that will contain the backup copy of the encrypted file.
        pvContext - A pointer to a system-defined context block. The context block is returned by the OpenEncryptedFileRaw function. Do not modify it.
        If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, it returns a nonzero error code defined in WinError.h. You can use FormatMessage with the FORMAT_MESSAGE_FROM_SYSTEM flag to get a generic text description of the error.
      • CloseEncryptedFileRaw

        void CloseEncryptedFileRaw(Pointer pvContext)
        Closes an encrypted file after a backup or restore operation, and frees associated system resources. This is one of a group of Encrypted File System (EFS) functions that is intended to implement backup and restore functionality, while maintaining files in their encrypted state.
        pvContext - A pointer to a system-defined context block. The OpenEncryptedFileRaw function returns the context block.
      • CreateProcessWithLogonW

        boolean CreateProcessWithLogonW(java.lang.String lpUsername,
                                        java.lang.String lpDomain,
                                        java.lang.String lpPassword,
                                        int dwLogonFlags,
                                        java.lang.String lpApplicationName,
                                        java.lang.String lpCommandLine,
                                        int dwCreationFlags,
                                        Pointer lpEnvironment,
                                        java.lang.String lpCurrentDirectory,
                                        WinBase.STARTUPINFO lpStartupInfo,
                                        WinBase.PROCESS_INFORMATION lpProcessInfo)
        BOOL WINAPI CreateProcessWithLogonW( _In_ LPCWSTR lpUsername, _In_opt_ LPCWSTR lpDomain, _In_ LPCWSTR lpPassword, _In_ DWORD dwLogonFlags, _In_opt_ LPCWSTR lpApplicationName, _Inout_opt_ LPWSTR lpCommandLine, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCWSTR lpCurrentDirectory, _In_ LPSTARTUPINFOW lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInfo );
        lpUsername - [in]
        The name of the user. This is the name of the user account to log on to.
        If you use the UPN format, user@DNS_domain_name, the lpDomain parameter must be NULL.
        The user account must have the Log On Locally permission on the local computer.
        This permission is granted to all users on workstations and servers, but only to administrators on domain controllers.
        lpDomain - [in, optional]
        The name of the domain or server whose account database contains the lpUsername account.
        If this parameter is NULL, the user name must be specified in UPN format.
        lpPassword - [in]
        The clear-text password for the lpUsername account.
        dwLogonFlags - [in]
        The logon option. This parameter can be 0 (zero) or one of the following values.
        LOGON_WITH_PROFILE: 0x00000001
        Log on, then load the user profile in the HKEY_USERS registry key.
        The function returns after the profile is loaded.
        Loading the profile can be time-consuming, so it is best to use this value only if you must access the information in the HKEY_CURRENT_USER registry key.
        Windows Server 2003: The profile is unloaded after the new process is terminated, whether or not it has created child processes.
        Windows XP: The profile is unloaded after the new process and all child processes it has created are terminated.

        Log on, but use the specified credentials on the network only.
        The new process uses the same token as the caller, but the system creates a new logon session within LSA, and the process uses the specified credentials as the default credentials.
        This value can be used to create a process that uses a different set of credentials locally than it does remotely.
        This is useful in inter-domain scenarios where there is no trust relationship.
        The system does not validate the specified credentials.
        Therefore, the process can start, but it may not have access to network resources.
        lpApplicationName - [in, optional]
        The name of the module to be executed. This module can be a Windows-based application.
        It can be some other type of module (for example, MS-DOS or OS/2) if the appropriate subsystem is available on the local computer. The string can specify the full path and file name of the module to execute or it can specify a partial name.
        If it is a partial name, the function uses the current drive and current directory to complete the specification.
        The function does not use the search path. This parameter must include the file name extension; no default extension is assumed. The lpApplicationName parameter can be NULL, and the module name must be the first white space-delimited token in the lpCommandLine string.
        If you are using a long file name that contains a space, use quoted strings to indicate where the file name ends and the arguments begin; otherwise, the file name is ambiguous. For example, the following string can be interpreted in different ways:
        "c:\program files\sub dir\program name"
        The system tries to interpret the possibilities in the following order:

        c:\program.exe files\sub dir\program name
        c:\program files\sub.exe dir\program name
        c:\program files\sub dir\program.exe name
        c:\program files\sub dir\program name.exe

        If the executable module is a 16-bit application, lpApplicationName should be NULL, and the string pointed to by lpCommandLine should specify the executable module and its arguments.
        lpCommandLine - [in, out, optional]
        The command line to be executed. The maximum length of this string is 1024 characters.
        If lpApplicationName is NULL, the module name portion of lpCommandLine is limited to MAX_PATH characters.
        The function can modify the contents of this string.
        Therefore, this parameter cannot be a pointer to read-only memory (such as a const variable or a literal string).
        If this parameter is a constant string, the function may cause an access violation.
        The lpCommandLine parameter can be NULL, and the function uses the string pointed to by lpApplicationNameas the command line.

        If both lpApplicationName and lpCommandLine are non-NULL, *lpApplicationName specifies the module to execute, and *lpCommandLine specifies the command line.
        The new process can use GetCommandLine to retrieve the entire command line.
        Console processes written in C can use the argc and argv arguments to parse the command line.
        Because argv[0] is the module name, C programmers typically repeat the module name as the first token in the command line.
        If lpApplicationName is NULL, the first white space-delimited token of the command line specifies the module name.
        If you are using a long file name that contains a space, use quoted strings to indicate where the file name ends and the arguments begin (see the explanation for the lpApplicationName parameter). If the file name does not contain an extension, .exe is appended. Therefore, if the file name extension is .com, this parameter must include the .com extension. If the file name ends in a period with no extension, or if the file name contains a path, .exe is not appended. If the file name does not contain a directory path, the system searches for the executable file in the following sequence:

        1. The directory from which the application loaded.
        2. The current directory for the parent process.
        3. The 32-bit Windows system directory. Use the GetSystemDirectory function to get the path of this directory.
        4. The 16-bit Windows system directory. There is no function that obtains the path of this directory, but it is searched.
        5. The Windows directory. Use the GetWindowsDirectory function to get the path of this directory.
        6. The directories that are listed in the PATH environment variable. Note that this function does not search the per-application path specified by the App Paths registry key. To include this per-application path in the search sequence, use the ShellExecute function.

        The system adds a null character to the command line string to separate the file name from the arguments. This divides the original string into two strings for internal processing.
        dwCreationFlags - The flags that control how the process is created.
        Even if you do not set the flag, the system functions as if it were set. You can specify additional flags as noted.

        CREATE_DEFAULT_ERROR_MODE: 0x04000000
        The new process does not inherit the error mode of the calling process.
        Instead, CreateProcessWithLogonW gives the new process the current default error mode.
        An application sets the current default error mode by calling SetErrorMode. This flag is enabled by default.

        CREATE_NEW_CONSOLE: 0x00000010
        The new process has a new console, instead of inheriting the parent's console. This flag cannot be used with the DETACHED_PROCESS flag.
        This flag is enabled by default.

        CREATE_NEW_PROCESS_GROUP: 0x00000200
        The new process is the root process of a new process group.
        The process group includes all processes that are descendants of this root process.
        The process identifier of the new process group is the same as the process identifier, which is returned in the lpProcessInfo parameter.
        Process groups are used by the GenerateConsoleCtrlEvent function to enable sending a CTRL+C or CTRL+BREAK signal to a group of console processes.
        This flag is enabled by default.

        CREATE_SEPARATE_WOW_VDM: 0x00000800
        This flag is only valid starting a 16-bit Windows-based application.
        If set, the new process runs in a private Virtual DOS Machine (VDM).
        By default, all 16-bit Windows-based applications run in a single, shared VDM.
        The advantage of running separately is that a crash only terminates the single VDM; any other programs running in distinct VDMs continue to function normally.
        Also, 16-bit Windows-based applications that run in separate VDMs have separate input queues, which means that if one application stops responding momentarily, applications in separate VDMs continue to receive input.
        CREATE_SUSPENDED: 0x00000004
        The primary thread of the new process is created in a suspended state, and does not run until the ResumeThread function is called.

        Indicates the format of the lpEnvironment parameter.
        If this flag is set, the environment block pointed to by lpEnvironment uses Unicode characters.
        Otherwise, the environment block uses ANSI characters.
        The process is created with extended startup information; the lpStartupInfo parameter specifies a STARTUPINFOEX structure.
        Windows Server 2003 and Windows XP: This value is not supported.
        lpEnvironment - [in, optional]
        A pointer to an environment block for the new process.
        If this parameter is NULL, the new process uses an environment created from the profile of the user specified by lpUsername. An environment block consists of a null-terminated block of null-terminated strings.
        Each string is in the following form:
        Because the equal sign (=) is used as a separator, it must not be used in the name of an environment variable.
        An environment block can contain Unicode or ANSI characters.
        If the environment block pointed to by lpEnvironment contains Unicode characters, ensure that dwCreationFlags includes CREATE_UNICODE_ENVIRONMENT.
        If this parameter is NULL and the environment block of the parent process contains Unicode characters, you must also ensure that dwCreationFlags includes CREATE_UNICODE_ENVIRONMENT.
        An ANSI environment block is terminated by two 0 (zero) bytes: one for the last string and one more to terminate the block.
        A Unicode environment block is terminated by four zero bytes: two for the last string and two more to terminate the block.
        To retrieve a copy of the environment block for a specific user, use the CreateEnvironmentBlock function.
        lpCurrentDirectory - [in, optional]
        The full path to the current directory for the process.
        The string can also specify a UNC path.
        If this parameter is NULL, the new process has the same current drive and directory as the calling process.
        This feature is provided primarily for shells that need to start an application, and specify its initial drive and working directory.
        lpStartupInfo - [in]
        A pointer to a STARTUPINFO or STARTUPINFOEX structure.
        The application must add permission for the specified user account to the specified window station and desktop, even for WinSta0\Default.
        If the lpDesktop member is NULL or an empty string, the new process inherits the desktop and window station of its parent process.
        The application must add permission for the specified user account to the inherited window station and desktop.
        Windows XP: CreateProcessWithLogonW adds permission for the specified user account to the inherited window station and desktop.
        Handles in STARTUPINFO or STARTUPINFOEX must be closed with CloseHandle when they are no longer needed.
        Important If the dwFlags member of the STARTUPINFO structure specifies STARTF_USESTDHANDLES, the standard handle fields are copied unchanged to the child process without validation.
        The caller is responsible for ensuring that these fields contain valid handle values. Incorrect values can cause the child process to misbehave or crash.
        Use the Application Verifier runtime verification tool to detect invalid handles.
        lpProcessInfo - [out]
        A pointer to a PROCESS_INFORMATION structure that receives identification information for the new process, including a handle to the process.
        Handles in PROCESS_INFORMATION must be closed with the CloseHandle function when they are not needed.
        If the function succeeds, the return value is nonzero.
        If the function fails, the return value is 0 (zero).
        To get extended error information, call GetLastError.
        Note that the function returns before the process has finished initialization.
        If a required DLL cannot be located or fails to initialize, the process is terminated.
        To get the termination status of a process, call GetExitCodeProcess.
        See Also:
      • StartServiceCtrlDispatcher

        boolean StartServiceCtrlDispatcher(Winsvc.SERVICE_TABLE_ENTRY[] lpServiceTable)
        Connects the main thread of a service process to the service control manager, which causes the thread to be the service control dispatcher thread for the calling process.
        lpServiceTable - A pointer to an array of SERVICE_TABLE_ENTRY structures containing one entry for each service that can execute in the calling process. The members of the last entry in the table must have NULL values to designate the end of the table.
        true if function succeeds. To get extended error information, call GetLastError. Possible error codes:
        Return codeDescription
        ERROR_FAILED_SERVICE_CONTROLLER_CONNECTThis error is returned if the program is being run as a console application rather than as a service. If the program will be run as a console application for debugging purposes, structure it such that service-specific code is not called when this error is returned.
        ERROR_INVALID_DATAThe specified dispatch table contains entries that are not in the proper format.
        ERROR_SERVICE_ALREADY_RUNNINGThe process has already called StartServiceCtrlDispatcher. Each process can call StartServiceCtrlDispatcher only one time.
      • RegisterServiceCtrlHandler

        Winsvc.SERVICE_STATUS_HANDLE RegisterServiceCtrlHandler(java.lang.String lpServiceName,
                                                                Library.Handler lpHandlerProc)
        Registers a function to handle service control requests.

        This function has been superseded by the RegisterServiceCtrlHandlerEx function. A service can use either function, but the new function supports user-defined context data, and the new handler function supports additional extended control codes.

        lpServiceName - The name of the service run by the calling thread. This is the service name that the service control program specified in the CreateService function when creating the service.

        If the service type is SERVICE_WIN32_OWN_PROCESS, the function does not verify that the specified name is valid, because there is only one registered service in the process.

        lpHandlerProc - A pointer to the handler function to be registered. For more information, see WinSvc.Handler.
        A service status handle, NULL on error. Call GetLastError to get extended error condition. Possible error codes:
        Return codeDescription
        ERROR_NOT_ENOUGH_MEMORYNot enough memory is available to convert an ANSI string parameter to Unicode. This error does not occur for Unicode string parameters.
        ERROR_SERVICE_NOT_IN_EXEThe service entry was specified incorrectly when the process called the StartServiceCtrlDispatcher(com.sun.jna.platform.win32.Winsvc.SERVICE_TABLE_ENTRY[]) function.
      • RegisterServiceCtrlHandlerEx

        Winsvc.SERVICE_STATUS_HANDLE RegisterServiceCtrlHandlerEx(java.lang.String lpServiceName,
                                                                  Winsvc.HandlerEx lpHandlerProc,
                                                                  Pointer lpContext)
        Registers a function to handle extended service control requests.
        lpServiceName - The name of the service run by the calling thread. This is the service name that the service control program specified in the CreateService function when creating the service.
        lpHandlerProc - The handler function to be registered. For more information, see HandlerEx.
        lpContext - Any user-defined data. This parameter, which is passed to the handler function, can help identify the service when multiple services share a process.
        A service status handle on success, NULL on error. Call GetLastError to get extended information. Possible error codes:
        Return codeDescription
        ERROR_NOT_ENOUGH_MEMORYNot enough memory is available to convert an ANSI string parameter to Unicode. This error does not occur for Unicode string parameters.
        ERROR_SERVICE_NOT_IN_EXEThe service entry was specified incorrectly when the process called the StartServiceCtrlDispatcher(com.sun.jna.platform.win32.Winsvc.SERVICE_TABLE_ENTRY[]) function.
      • SetServiceStatus

        boolean SetServiceStatus(Winsvc.SERVICE_STATUS_HANDLE hServiceStatus,
                                 Winsvc.SERVICE_STATUS lpServiceStatus)
        Updates the service control manager's status information for the calling service.
        hServiceStatus - A handle to the status information structure for the current service. This handle is returned by the RegisterServiceCtrlHandlerEx function.
        lpServiceStatus - A pointer to the SERVICE_STATUS structure the contains the latest status information for the calling service.
        true if function succeeds. To get extended error information, call GetLastError. Possible error codes:
        Return codeDescription
        ERROR_INVALID_DATAThe specified service status structure is invalid.
        ERROR_INVALID_HANDLEThe specified handle is invalid.
      • CreateService

        Winsvc.SC_HANDLE CreateService(Winsvc.SC_HANDLE hSCManager,
                                       java.lang.String lpServiceName,
                                       java.lang.String lpDisplayName,
                                       int dwDesiredAccess,
                                       int dwServiceType,
                                       int dwStartType,
                                       int dwErrorControl,
                                       java.lang.String lpBinaryPathName,
                                       java.lang.String lpLoadOrderGroup,
                                       IntByReference lpdwTagId,
                                       java.lang.String lpDependencies,
                                       java.lang.String lpServiceStartName,
                                       java.lang.String lpPassword)
        Creates a service object and adds it to the specified service control manager database.
        hSCManager - [in] A handle to the service control manager database. This handle is returned by the OpenSCManager function and must have the SC_MANAGER_CREATE_SERVICE access right. For more information, see Service Security and Access Rights.
        lpServiceName - [in] The name of the service to install. The maximum string length is 256 characters. The service control manager database preserves the case of the characters, but service name comparisons are always case insensitive. Forward-slash (/) and backslash (\) are not valid service name characters.
        lpDisplayName - [in, optional] The display name to be used by user interface programs to identify the service. This string has a maximum length of 256 characters. The name is case-preserved in the service control manager. Display name comparisons are always case-insensitive.
        dwDesiredAccess - [in] The access to the service. Before granting the requested access, the system checks the access token of the calling process. For a list of values, see Service Security and Access Rights.
        dwServiceType - [in] The service type. This parameter can be one of the following values.
        File system driver service.
        Driver service.
        Service that runs in its own process.
        Service that shares a process with one or more other services. For more information, see Service Programs.

        If you specify either SERVICE_WIN32_OWN_PROCESS or SERVICE_WIN32_SHARE_PROCESS, and the service is running in the context of the LocalSystem account, you can also specify the following value.

        The service can interact with the desktop.
        dwStartType - [in] The service start options. This parameter can be one of the following values.
        A service started automatically by the service control manager during system startup.
        A device driver started by the system loader. This value is valid only for driver services.
        A service started by the service control manager when a process calls the StartService function.
        A service that cannot be started. Attempts to start the service result in the error code ERROR_SERVICE_DISABLED.
        A device driver started by the IoInitSystem function. This value is valid only for driver services.
        dwErrorControl - [in] The severity of the error, and action taken, if this service fails to start. This parameter can be one of the following values.
        The startup program logs the error in the event log, if possible. If the last-known-good configuration is being started, the startup operation fails. Otherwise, the system is restarted with the last-known good configuration.
        The startup program ignores the error and continues the startup operation.
        The startup program logs the error in the event log but continues the startup operation.
        The startup program logs the error in the event log. If the last-known-good configuration is being started, the startup operation continues. Otherwise, the system is restarted with the last-known-good configuration.
        lpBinaryPathName - [in, optional] The fully qualified path to the service binary file. If the path contains a space, it must be quoted so that it is correctly interpreted. For example, "d:\\my share\\myservice.exe" should be specified as "\"d:\\my share\\myservice.exe\"".

        The path can also include arguments for an auto-start service. For example, "d:\\myshare\\myservice.exe arg1 arg2". These passed to the service entry point (typically the main function).

        If you specify a path on another computer, the share must be accessible by the computer account of the local computer because this is the security context used in the remote call. However, this requirement allows any potential vulnerabilities in the remote computer to affect the local computer. Therefore, it is best to use a local file.

        lpLoadOrderGroup - [in, optional] The names of the load ordering group of which this service is a member. Specify NULL or an empty string if the service does not belong to a group.

        The startup program uses load ordering groups to load groups of services in a specified order with respect to the other groups. The list of load ordering groups is contained in the following registry value:


        lpdwTagId - [out, optional] A pointer to a variable that receives a tag value that is unique in the group specified in the lpLoadOrderGroup parameter. Specify NULL if you are not changing the existing tag.

        You can use a tag for ordering service startup within a load ordering group by specifying a tag order vector in the following registry value:


        Tags are only evaluated for driver services that have SERVICE_BOOT_START or SERVICE_SYSTEM_START start types.

        lpDependencies - [in, optional] A pointer to a double null-terminated array of null-separated names of services or load ordering groups that the system must start before this service. Specify NULL or an empty string if the service has no dependencies. Dependency on a group means that this service can run if at least one member of the group is running after an attempt to start all members of the group.

        You must prefix group names with SC_GROUP_IDENTIFIER so that they can be distinguished from a service name, because services and service groups share the same name space.

        lpServiceStartName - [in, optional] The name of the account under which the service should run. If the service type is SERVICE_WIN32_OWN_PROCESS, use an account name in the form DomainName\UserName. The service process will be logged on as this user. If the account belongs to the built-in domain, you can specify .\UserName.

        If this parameter is NULL, CreateService uses the LocalSystem account. If the service type specifies SERVICE_INTERACTIVE_PROCESS, the service must run in the LocalSystem account.

        If this parameter is NT AUTHORITY\LocalService, CreateService uses the LocalService account. If the parameter is NT AUTHORITY\NetworkService, CreateService uses the NetworkService account.

        A shared process can run as any user.

        If the service type is SERVICE_KERNEL_DRIVER or SERVICE_FILE_SYSTEM_DRIVER, the name is the driver object name that the system uses to load the device driver. Specify NULL if the driver is to use a default object name created by the I/O system.

        A service can be configured to use a managed account or a virtual account. If the service is configured to use a managed service account, the name is the managed service account name. If the service is configured to use a virtual account, specify the name as NT SERVICE\ServiceName. For more information about managed service accounts and virtual accounts, see the Service Accounts Step-by-Step Guide.

        Windows Server 2008, Windows Vista, Windows Server 2003 and Windows XP: Managed service accounts and virtual accounts are not supported until Windows 7 and Windows Server 2008 R2.

        lpPassword - [in, optional] The password to the account name specified by the lpServiceStartName parameter. Specify an empty string if the account has no password or if the service runs in the LocalService, NetworkService, or LocalSystem account. For more information, see Service Record List.

        If the account name specified by the lpServiceStartName parameter is the name of a managed service account or virtual account name, the lpPassword parameter must be NULL.

        Passwords are ignored for driver services.

        SC_HANDLE on success, NULL on error. Call GetLastError to get extended error condition. Possible error codes:
        Return codeDescription
        ERROR_ACCESS_DENIEDThe handle to the SCM database does not have the SC_MANAGER_CREATE_SERVICE access right.
        ERROR_CIRCULAR_DEPENDENCYA circular service dependency was specified.
        ERROR_DUPLICATE_SERVICE_NAMEThe display name already exists in the service control manager database either as a service name or as another display name.
        ERROR_INVALID_HANDLEThe handle to the specified service control manager database is invalid.
        ERROR_INVALID_NAMEThe specified service name is invalid.
        ERROR_INVALID_PARAMETERA parameter that was specified is invalid.
        ERROR_INVALID_SERVICE_ACCOUNTThe user account name specified in the lpServiceStartName parameter does not exist.
        ERROR_SERVICE_EXISTSThe specified service already exists in this database.
        ERROR_SERVICE_MARKED_FOR_DELETEThe specified service already exists in this database and has been marked for deletion.
      • DeleteService

        boolean DeleteService(Winsvc.SC_HANDLE hService)
        Marks the specified service for deletion from the service control manager database.
        hService - [in] A handle to the service. This handle is returned by the OpenService or CreateService function, and it must have the DELETE access right.
        true if function succeeds. To get extended error information, call GetLastError. Possible error codes:
        Return codeDescription
        ERROR_ACCESS_DENIEDThe handle does not have the DELETE access right.
        ERROR_INVALID_HANDLEThe specified handle is invalid.
        ERROR_SERVICE_MARKED_FOR_DELETEThe specified service has already been marked for deletion.
